RE8[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RE8.zip
Size

5.0MB
MD5

20cc33668127c7a9ed39c564b2cfad0c
SHA1

0804d291956225fe5b36fe3e90e65e04a35f583c
SHA256

1eac22dbdd1a958687ff09ac5c17b824a98e171bd27e1d5ad7e04b991d4c8207
SHA512

3197cebd3695fc5dbc4e86053fb2acc31c1d3bbd0e41fb07df99685fdea33228ef837c23d4145487faade82a6e296708c76cc1c68b05165d68e57402dabf9c23
SSDEEP

98304:sw6hbzKyL9G17BAwwZqyvniDPv7iBA1+OX9bZt4rwynI0G2F0fxfzKk:r6hE17BwZqyv+Pvj1+yZt4r9nI0G2F05

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dinput8.dll
unpack001/openxr_loader.dll

Files

RE8.zip
.zip
DELETE_OPENVR_API_DLL_IF_YOU_WANT_TO_USE_OPENXR
dinput8.dll
.dll windows:6 windows x64 arch:x64

670462a271beb32ee7d885175c1777e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

CreateThread
GetSystemDirectoryW
LoadLibraryW
GetFileAttributesA
Sleep
LoadLibraryExW
VirtualAlloc
VirtualProtect
FreeLibrary
OutputDebugStringA
GetModuleFileNameA
AllocConsole
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
QueryPerformanceCounter
QueryPerformanceFrequency
RtlCaptureStackBackTrace
OpenProcess
GetSystemInfo
VirtualFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WriteConsoleW
FlushFileBuffers
GetDynamicTimeZoneInformation
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetLastError
LoadLibraryExA
FormatMessageA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
VirtualQuery
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
OpenThread
SuspendThread
ExitProcess
GetThreadContext
SetThreadContext
FlushInstructionCache
GetModuleHandleW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
RaiseException
GetProcessHeap
CreateEventExW
RtlPcToFileHeader
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
GetModuleFileNameW
GetModuleHandleExA
IsBadCodePtr
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapSize
CreatePipe
GetExitCodeProcess
DeleteFileW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
CreateProcessW
ReadFile
GetFileType
SetStdHandle
ExitThread
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetUnhandledExceptionFilter
RtlUnwindEx
CloseHandle
CreateFileA
DuplicateHandle
IsBadReadPtr
LoadLibraryA
GetProcAddress
GetModuleHandleA
ResumeThread
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
LocalFree
GetLocaleInfoEx
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
MoveFileExW
GetFileInformationByHandleEx
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
WakeAllConditionVariable
SleepConditionVariableSRW
IsProcessorFeaturePresent
WakeConditionVariable
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetStringTypeW
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
TerminateProcess
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetEndOfFile

user32

ReleaseCapture
GetDesktopWindow
DefWindowProcA
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
UnregisterClassA
GetForegroundWindow
SetCapture
GetCapture
GetKeyState
IsChild
VkKeyScanA
SetWindowLongPtrA
GetWindowTextA
GetRawInputData
GetWindowLongPtrA
CallWindowProcA
PostMessageA
MessageBoxA
DestroyWindow
CreateWindowExA
RegisterClassExA

shell32

SHGetSpecialFolderPathA

comdlg32

GetOpenFileNameA

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetContext
ImmReleaseContext

shlwapi

PathRemoveFileSpecW

Exports

Exports

DirectInput8Create
ImBitVector_Clear
ImBitVector_ClearBit
ImBitVector_Create
ImBitVector_SetBit
ImBitVector_TestBit
ImColor_HSV
ImColor_ImColor_Float
ImColor_ImColor_Int
ImColor_ImColor_Nil
ImColor_ImColor_U32
ImColor_ImColor_Vec4
ImColor_SetHSV
ImColor_destroy
ImDrawCmd_GetTexID
ImDrawCmd_ImDrawCmd
ImDrawCmd_destroy
ImDrawDataBuilder_ImDrawDataBuilder
ImDrawDataBuilder_destroy
ImDrawData_AddDrawList
ImDrawData_Clear
ImDrawData_DeIndexAllBuffers
ImDrawData_ImDrawData
ImDrawData_ScaleClipRects
ImDrawData_destroy
ImDrawListSharedData_ImDrawListSharedData
ImDrawListSharedData_SetCircleTessellationMaxError
ImDrawListSharedData_destroy
ImDrawListSplitter_Clear
ImDrawListSplitter_ClearFreeMemory
ImDrawListSplitter_ImDrawListSplitter
ImDrawListSplitter_Merge
ImDrawListSplitter_SetCurrentChannel
ImDrawListSplitter_Split
ImDrawListSplitter_destroy
ImDrawList_AddBezierCubic
ImDrawList_AddBezierQuadratic
ImDrawList_AddCallback
ImDrawList_AddCircle
ImDrawList_AddCircleFilled
ImDrawList_AddConvexPolyFilled
ImDrawList_AddDrawCmd
ImDrawList_AddEllipse
ImDrawList_AddEllipseFilled
ImDrawList_AddImage
ImDrawList_AddImageQuad
ImDrawList_AddImageRounded
ImDrawList_AddLine
ImDrawList_AddNgon
ImDrawList_AddNgonFilled
ImDrawList_AddPolyline
ImDrawList_AddQuad
ImDrawList_AddQuadFilled
ImDrawList_AddRect
ImDrawList_AddRectFilled
ImDrawList_AddRectFilledMultiColor
ImDrawList_AddText_FontPtr
ImDrawList_AddText_Vec2
ImDrawList_AddTriangle
ImDrawList_AddTriangleFilled
ImDrawList_ChannelsMerge
ImDrawList_ChannelsSetCurrent
ImDrawList_ChannelsSplit
ImDrawList_CloneOutput
ImDrawList_GetClipRectMax
ImDrawList_GetClipRectMin
ImDrawList_ImDrawList
ImDrawList_PathArcTo
ImDrawList_PathArcToFast
ImDrawList_PathBezierCubicCurveTo
ImDrawList_PathBezierQuadraticCurveTo
ImDrawList_PathClear
ImDrawList_PathEllipticalArcTo
ImDrawList_PathFillConvex
ImDrawList_PathLineTo
ImDrawList_PathLineToMergeDuplicate
ImDrawList_PathRect
ImDrawList_PathStroke
ImDrawList_PopClipRect
ImDrawList_PopTextureID
ImDrawList_PrimQuadUV
ImDrawList_PrimRect
ImDrawList_PrimRectUV
ImDrawList_PrimReserve
ImDrawList_PrimUnreserve
ImDrawList_PrimVtx
ImDrawList_PrimWriteIdx
ImDrawList_PrimWriteVtx
ImDrawList_PushClipRect
ImDrawList_PushClipRectFullScreen
ImDrawList_PushTextureID
ImDrawList__CalcCircleAutoSegmentCount
ImDrawList__ClearFreeMemory
ImDrawList__OnChangedClipRect
ImDrawList__OnChangedTextureID
ImDrawList__OnChangedVtxOffset
ImDrawList__PathArcToFastEx
ImDrawList__PathArcToN
ImDrawList__PopUnusedDrawCmd
ImDrawList__ResetForNewFrame
ImDrawList__TryMergeDrawCmds
ImDrawList_destroy
ImFontAtlasCustomRect_ImFontAtlasCustomRect
ImFontAtlasCustomRect_IsPacked
ImFontAtlasCustomRect_destroy
ImFontAtlas_AddCustomRectFontGlyph
ImFontAtlas_AddCustomRectRegular
ImFontAtlas_AddFont
ImFontAtlas_AddFontDefault
ImFontAtlas_AddFontFromFileTTF
ImFontAtlas_AddFontFromMemoryCompressedBase85TTF
ImFontAtlas_AddFontFromMemoryCompressedTTF
ImFontAtlas_AddFontFromMemoryTTF
ImFontAtlas_Build
ImFontAtlas_CalcCustomRectUV
ImFontAtlas_Clear
ImFontAtlas_ClearFonts
ImFontAtlas_ClearInputData
ImFontAtlas_ClearTexData
ImFontAtlas_GetCustomRectByIndex
ImFontAtlas_GetGlyphRangesChineseFull
ImFontAtlas_GetGlyphRangesChineseSimplifiedCommon
ImFontAtlas_GetGlyphRangesCyrillic
ImFontAtlas_GetGlyphRangesDefault
ImFontAtlas_GetGlyphRangesGreek
ImFontAtlas_GetGlyphRangesJapanese
ImFontAtlas_GetGlyphRangesKorean
ImFontAtlas_GetGlyphRangesThai
ImFontAtlas_GetGlyphRangesVietnamese
ImFontAtlas_GetMouseCursorTexData
ImFontAtlas_GetTexDataAsAlpha8
ImFontAtlas_GetTexDataAsRGBA32
ImFontAtlas_ImFontAtlas
ImFontAtlas_IsBuilt
ImFontAtlas_SetTexID
ImFontAtlas_destroy
ImFontConfig_ImFontConfig
ImFontConfig_destroy
ImFontGlyphRangesBuilder_AddChar
ImFontGlyphRangesBuilder_AddRanges
ImFontGlyphRangesBuilder_AddText
ImFontGlyphRangesBuilder_BuildRanges
ImFontGlyphRangesBuilder_Clear
ImFontGlyphRangesBuilder_GetBit
ImFontGlyphRangesBuilder_ImFontGlyphRangesBuilder
ImFontGlyphRangesBuilder_SetBit
ImFontGlyphRangesBuilder_destroy
ImFont_AddGlyph
ImFont_AddRemapChar
ImFont_BuildLookupTable
ImFont_CalcTextSizeA
ImFont_CalcWordWrapPositionA
ImFont_ClearOutputData
ImFont_FindGlyph
ImFont_FindGlyphNoFallback
ImFont_GetCharAdvance
ImFont_GetDebugName
ImFont_GrowIndex
ImFont_ImFont
ImFont_IsGlyphRangeUnused
ImFont_IsLoaded
ImFont_RenderChar
ImFont_RenderText
ImFont_SetGlyphVisible
ImFont_destroy
ImGuiComboPreviewData_ImGuiComboPreviewData
ImGuiComboPreviewData_destroy
ImGuiContextHook_ImGuiContextHook
ImGuiContextHook_destroy
ImGuiContext_ImGuiContext
ImGuiContext_destroy
ImGuiDataVarInfo_GetVarPtr
ImGuiDebugAllocInfo_ImGuiDebugAllocInfo
ImGuiDebugAllocInfo_destroy
ImGuiIDStackTool_ImGuiIDStackTool
ImGuiIDStackTool_destroy
ImGuiIO_AddFocusEvent
ImGuiIO_AddInputCharacter
ImGuiIO_AddInputCharacterUTF16
ImGuiIO_AddInputCharactersUTF8
ImGuiIO_AddKeyAnalogEvent
ImGuiIO_AddKeyEvent
ImGuiIO_AddMouseButtonEvent
ImGuiIO_AddMousePosEvent
ImGuiIO_AddMouseSourceEvent
ImGuiIO_AddMouseWheelEvent
ImGuiIO_ClearEventsQueue
ImGuiIO_ClearInputKeys
ImGuiIO_ImGuiIO
ImGuiIO_SetAppAcceptingEvents
ImGuiIO_SetKeyEventNativeData
ImGuiIO_destroy
ImGuiInputEvent_ImGuiInputEvent
ImGuiInputEvent_destroy
ImGuiInputTextCallbackData_ClearSelection
ImGuiInputTextCallbackData_DeleteChars
ImGuiInputTextCallbackData_HasSelection
ImGuiInputTextCallbackData_ImGuiInputTextCallbackData
ImGuiInputTextCallbackData_InsertChars
ImGuiInputTextCallbackData_SelectAll
ImGuiInputTextCallbackData_destroy
ImGuiInputTextDeactivatedState_ClearFreeMemory
ImGuiInputTextDeactivatedState_ImGuiInputTextDeactivatedState
ImGuiInputTextDeactivatedState_destroy
ImGuiInputTextState_ClearFreeMemory
ImGuiInputTextState_ClearSelection
ImGuiInputTextState_ClearText
ImGuiInputTextState_CursorAnimReset
ImGuiInputTextState_CursorClamp
ImGuiInputTextState_GetCursorPos
ImGuiInputTextState_GetRedoAvailCount
ImGuiInputTextState_GetSelectionEnd
ImGuiInputTextState_GetSelectionStart
ImGuiInputTextState_GetUndoAvailCount
ImGuiInputTextState_HasSelection
ImGuiInputTextState_ImGuiInputTextState
ImGuiInputTextState_OnKeyPressed
ImGuiInputTextState_SelectAll
ImGuiInputTextState_destroy
ImGuiKeyOwnerData_ImGuiKeyOwnerData
ImGuiKeyOwnerData_destroy
ImGuiKeyRoutingData_ImGuiKeyRoutingData
ImGuiKeyRoutingData_destroy
ImGuiKeyRoutingTable_Clear
ImGuiKeyRoutingTable_ImGuiKeyRoutingTable
ImGuiKeyRoutingTable_destroy
ImGuiLastItemData_ImGuiLastItemData
ImGuiLastItemData_destroy
ImGuiListClipperData_ImGuiListClipperData
ImGuiListClipperData_Reset
ImGuiListClipperData_destroy
ImGuiListClipperRange_FromIndices
ImGuiListClipperRange_FromPositions
ImGuiListClipper_Begin
ImGuiListClipper_End
ImGuiListClipper_ImGuiListClipper
ImGuiListClipper_IncludeItemByIndex
ImGuiListClipper_IncludeItemsByIndex
ImGuiListClipper_Step
ImGuiListClipper_destroy
ImGuiMenuColumns_CalcNextTotalWidth
ImGuiMenuColumns_DeclColumns
ImGuiMenuColumns_ImGuiMenuColumns
ImGuiMenuColumns_Update
ImGuiMenuColumns_destroy
ImGuiNavItemData_Clear
ImGuiNavItemData_ImGuiNavItemData
ImGuiNavItemData_destroy
ImGuiNextItemData_ClearFlags
ImGuiNextItemData_ImGuiNextItemData
ImGuiNextItemData_destroy
ImGuiNextWindowData_ClearFlags
ImGuiNextWindowData_ImGuiNextWindowData
ImGuiNextWindowData_destroy
ImGuiOldColumnData_ImGuiOldColumnData
ImGuiOldColumnData_destroy
ImGuiOldColumns_ImGuiOldColumns
ImGuiOldColumns_destroy
ImGuiOnceUponAFrame_ImGuiOnceUponAFrame
ImGuiOnceUponAFrame_destroy
ImGuiPayload_Clear
ImGuiPayload_ImGuiPayload
ImGuiPayload_IsDataType
ImGuiPayload_IsDelivery
ImGuiPayload_IsPreview
ImGuiPayload_destroy
ImGuiPlatformImeData_ImGuiPlatformImeData
ImGuiPlatformImeData_destroy
ImGuiPopupData_ImGuiPopupData
ImGuiPopupData_destroy
ImGuiPtrOrIndex_ImGuiPtrOrIndex_Int
ImGuiPtrOrIndex_ImGuiPtrOrIndex_Ptr
ImGuiPtrOrIndex_destroy
ImGuiSettingsHandler_ImGuiSettingsHandler
ImGuiSettingsHandler_destroy
ImGuiStackLevelInfo_ImGuiStackLevelInfo
ImGuiStackLevelInfo_destroy
ImGuiStackSizes_CompareWithContextState
ImGuiStackSizes_ImGuiStackSizes
ImGuiStackSizes_SetToContextState
ImGuiStackSizes_destroy
ImGuiStoragePair_ImGuiStoragePair_Float
ImGuiStoragePair_ImGuiStoragePair_Int
ImGuiStoragePair_ImGuiStoragePair_Ptr
ImGuiStoragePair_destroy
ImGuiStorage_BuildSortByKey
ImGuiStorage_Clear
ImGuiStorage_GetBool
ImGuiStorage_GetBoolRef
ImGuiStorage_GetFloat
ImGuiStorage_GetFloatRef
ImGuiStorage_GetInt
ImGuiStorage_GetIntRef
ImGuiStorage_GetVoidPtr
ImGuiStorage_GetVoidPtrRef
ImGuiStorage_SetAllInt
ImGuiStorage_SetBool
ImGuiStorage_SetFloat
ImGuiStorage_SetInt
ImGuiStorage_SetVoidPtr
ImGuiStyleMod_ImGuiStyleMod_Float
ImGuiStyleMod_ImGuiStyleMod_Int
ImGuiStyleMod_ImGuiStyleMod_Vec2
ImGuiStyleMod_destroy
ImGuiStyle_ImGuiStyle
ImGuiStyle_ScaleAllSizes
ImGuiStyle_destroy
ImGuiTabBar_ImGuiTabBar
ImGuiTabBar_destroy
ImGuiTabItem_ImGuiTabItem
ImGuiTabItem_destroy
ImGuiTableColumnSettings_ImGuiTableColumnSettings
ImGuiTableColumnSettings_destroy
ImGuiTableColumnSortSpecs_ImGuiTableColumnSortSpecs
ImGuiTableColumnSortSpecs_destroy
ImGuiTableColumn_ImGuiTableColumn
ImGuiTableColumn_destroy
ImGuiTableInstanceData_ImGuiTableInstanceData
ImGuiTableInstanceData_destroy
ImGuiTableSettings_GetColumnSettings
ImGuiTableSettings_ImGuiTableSettings
ImGuiTableSettings_destroy
ImGuiTableSortSpecs_ImGuiTableSortSpecs
ImGuiTableSortSpecs_destroy
ImGuiTableTempData_ImGuiTableTempData
ImGuiTableTempData_destroy
ImGuiTable_ImGuiTable
ImGuiTable_destroy
ImGuiTextBuffer_ImGuiTextBuffer
ImGuiTextBuffer_append
ImGuiTextBuffer_appendf
ImGuiTextBuffer_appendfv
ImGuiTextBuffer_begin
ImGuiTextBuffer_c_str
ImGuiTextBuffer_clear
ImGuiTextBuffer_destroy
ImGuiTextBuffer_empty
ImGuiTextBuffer_end
ImGuiTextBuffer_reserve
ImGuiTextBuffer_size
ImGuiTextFilter_Build
ImGuiTextFilter_Clear
ImGuiTextFilter_Draw
ImGuiTextFilter_ImGuiTextFilter
ImGuiTextFilter_IsActive
ImGuiTextFilter_PassFilter
ImGuiTextFilter_destroy
ImGuiTextIndex_append
ImGuiTextIndex_clear
ImGuiTextIndex_get_line_begin
ImGuiTextIndex_get_line_end
ImGuiTextIndex_size
ImGuiTextRange_ImGuiTextRange_Nil
ImGuiTextRange_ImGuiTextRange_Str
ImGuiTextRange_destroy
ImGuiTextRange_empty
ImGuiTextRange_split
ImGuiTypingSelectState_Clear
ImGuiTypingSelectState_ImGuiTypingSelectState
ImGuiTypingSelectState_destroy
ImGuiViewportP_CalcWorkRectPos
ImGuiViewportP_CalcWorkRectSize
ImGuiViewportP_GetBuildWorkRect
ImGuiViewportP_GetMainRect
ImGuiViewportP_GetWorkRect
ImGuiViewportP_ImGuiViewportP
ImGuiViewportP_UpdateWorkRect
ImGuiViewportP_destroy
ImGuiViewport_GetCenter
ImGuiViewport_GetWorkCenter
ImGuiViewport_ImGuiViewport
ImGuiViewport_destroy
ImGuiWindowSettings_GetName
ImGuiWindowSettings_ImGuiWindowSettings
ImGuiWindowSettings_destroy
ImGuiWindow_CalcFontSize
ImGuiWindow_GetIDFromRectangle
ImGuiWindow_GetID_Int
ImGuiWindow_GetID_Ptr
ImGuiWindow_GetID_Str
ImGuiWindow_ImGuiWindow
ImGuiWindow_MenuBarHeight
ImGuiWindow_MenuBarRect
ImGuiWindow_Rect
ImGuiWindow_TitleBarHeight
ImGuiWindow_TitleBarRect
ImGuiWindow_destroy
ImRect_Add_Rect
ImRect_Add_Vec2
ImRect_ClipWith
ImRect_ClipWithFull
ImRect_ContainsWithPad
ImRect_Contains_Rect
ImRect_Contains_Vec2
ImRect_Expand_Float
ImRect_Expand_Vec2
ImRect_Floor
ImRect_GetArea
ImRect_GetBL
ImRect_GetBR
ImRect_GetCenter
ImRect_GetHeight
ImRect_GetSize
ImRect_GetTL
ImRect_GetTR
ImRect_GetWidth
ImRect_ImRect_Float
ImRect_ImRect_Nil
ImRect_ImRect_Vec2
ImRect_ImRect_Vec4
ImRect_IsInverted
ImRect_Overlaps
ImRect_ToVec4
ImRect_Translate
ImRect_TranslateX
ImRect_TranslateY
ImRect_destroy
ImVec1_ImVec1_Float
ImVec1_ImVec1_Nil
ImVec1_destroy
ImVec2_ImVec2_Float
ImVec2_ImVec2_Nil
ImVec2_destroy
ImVec2ih_ImVec2ih_Nil
ImVec2ih_ImVec2ih_Vec2
ImVec2ih_ImVec2ih_short
ImVec2ih_destroy
ImVec4_ImVec4_Float
ImVec4_ImVec4_Nil
ImVec4_destroy
ImVector_ImWchar_Init
ImVector_ImWchar_UnInit
ImVector_ImWchar_create
ImVector_ImWchar_destroy
direct_input8_create
igAcceptDragDropPayload
igActivateItemByID
igAddContextHook
igAddDrawListToDrawDataEx
igAddSettingsHandler
igAlignTextToFramePadding
igArrowButton
igArrowButtonEx
igBegin
igBeginChildEx
igBeginChild_ID
igBeginChild_Str
igBeginColumns
igBeginCombo
igBeginComboPopup
igBeginComboPreview
igBeginDisabled
igBeginDragDropSource
igBeginDragDropTarget
igBeginDragDropTargetCustom
igBeginGroup
igBeginItemTooltip
igBeginListBox
igBeginMainMenuBar
igBeginMenu
igBeginMenuBar
igBeginMenuEx
igBeginPopup
igBeginPopupContextItem
igBeginPopupContextVoid
igBeginPopupContextWindow
igBeginPopupEx
igBeginPopupModal
igBeginTabBar
igBeginTabBarEx
igBeginTabItem
igBeginTable
igBeginTableEx
igBeginTooltip
igBeginTooltipEx
igBeginTooltipHidden
igBeginViewportSideBar
igBringWindowToDisplayBack
igBringWindowToDisplayBehind
igBringWindowToDisplayFront
igBringWindowToFocusFront
igBullet
igBulletText
igBulletTextV
igButton
igButtonBehavior
igButtonEx
igCalcItemSize
igCalcItemWidth
igCalcTextSize
igCalcTypematicRepeatAmount
igCalcWindowNextAutoFitSize
igCalcWrapWidthForPos
igCallContextHooks
igCheckbox
igCheckboxFlags_IntPtr
igCheckboxFlags_S64Ptr
igCheckboxFlags_U64Ptr
igCheckboxFlags_UintPtr
igClearActiveID

Sections

.text
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
openvr_api.dll
.dll windows:6 windows x64 arch:x64

60cb0e399107eafb5e9071ed553ad4ab

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/10/2018, 00:00

Not After

07/10/2021, 12:00

Subject

CN=Valve,O=Valve,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bf
Signer

Actual PE Digest

b8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\steamvr_rel_win64\build\src\openvr_api\Retailopenvr_api\win64\2017\openvr_api.pdb

Imports

kernel32

GetModuleFileNameW
WideCharToMultiByte
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
MultiByteToWideChar
GetACP
SetEnvironmentVariableA
GetEnvironmentVariableA
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TryEnterCriticalSection
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
LoadLibraryW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
GetCurrentProcess
TerminateProcess
ReadFile
GetDriveTypeW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetCurrentThread
HeapFree
GetStdHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
HeapAlloc
SetStdHandle
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
HeapSize
SetEndOfFile
WriteConsoleW
Sleep
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue

shell32

SHGetFolderPathW

Exports

Exports

LiquidVR
VRControlPanel
VRHeadsetView
VRPaths
VRVirtualDisplay
VR_GetGenericInterface
VR_GetInitToken
VR_GetRuntimePath
VR_GetStringForHmdError
VR_GetVRInitErrorAsEnglishDescription
VR_GetVRInitErrorAsSymbol
VR_InitInternal
VR_InitInternal2
VR_IsHmdPresent
VR_IsInterfaceVersionValid
VR_IsRuntimeInstalled
VR_RuntimePath
VR_ShutdownInternal

Sections

.text
Size: 530KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
openxr_loader.dll
.dll windows:6 windows x64 arch:x64

052c00693b849bafabd05b34c983e623

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

advapi32

OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
RegCloseKey
RegEnumValueW
RegOpenKeyExW
RegGetValueW

kernel32

GetEnvironmentVariableW
GetFileAttributesW
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryExW
LoadLibraryW
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
CloseHandle
GetCurrentProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TryAcquireSRWLockExclusive
WakeConditionVariable
FormatMessageA
LocalFree
GetLocaleInfoEx
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFullPathNameW
AreFileApisANSI
GetFileInformationByHandleEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
HeapReAlloc
SetStdHandle
HeapSize
WriteConsoleW
SetEndOfFile
RtlUnwind

Exports

Exports

xrAcquireSwapchainImage
xrApplyHapticFeedback
xrAttachSessionActionSets
xrBeginFrame
xrBeginSession
xrCreateAction
xrCreateActionSet
xrCreateActionSpace
xrCreateInstance
xrCreateReferenceSpace
xrCreateSession
xrCreateSwapchain
xrDestroyAction
xrDestroyActionSet
xrDestroyInstance
xrDestroySession
xrDestroySpace
xrDestroySwapchain
xrEndFrame
xrEndSession
xrEnumerateApiLayerProperties
xrEnumerateBoundSourcesForAction
xrEnumerateEnvironmentBlendModes
xrEnumerateInstanceExtensionProperties
xrEnumerateReferenceSpaces
xrEnumerateSwapchainFormats
xrEnumerateSwapchainImages
xrEnumerateViewConfigurationViews
xrEnumerateViewConfigurations
xrGetActionStateBoolean
xrGetActionStateFloat
xrGetActionStatePose
xrGetActionStateVector2f
xrGetCurrentInteractionProfile
xrGetInputSourceLocalizedName
xrGetInstanceProcAddr
xrGetInstanceProperties
xrGetReferenceSpaceBoundsRect
xrGetSystem
xrGetSystemProperties
xrGetViewConfigurationProperties
xrLocateSpace
xrLocateViews
xrPathToString
xrPollEvent
xrReleaseSwapchainImage
xrRequestExitSession
xrResultToString
xrStopHapticFeedback
xrStringToPath
xrStructureTypeToString
xrSuggestInteractionProfileBindings
xrSyncActions
xrWaitFrame
xrWaitSwapchainImage

Sections

.text
Size: 479KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
reframework/autorun/re2_sharpness_removal.lua
reframework/autorun/re2_smooth_movement.lua
reframework/autorun/re2_vr_crosshair.lua
reframework/autorun/re2_vr_grenade.lua
reframework/autorun/re2_vr_melee.lua
.js
reframework/autorun/re4_vr_crosshair.lua
reframework/autorun/re8_vr.lua
.js
reframework/autorun/utility/GameObject.lua
reframework/autorun/utility/ManagedObjectDict.lua
.js
reframework/autorun/utility/RE2.lua
reframework/autorun/utility/RE4.lua
.js
reframework/autorun/utility/RE7.lua
.js
reframework/autorun/utility/RE8.lua
.js
reframework/autorun/utility/Statics.lua
reframework/autorun/vr/VRControllerManager.lua
.js
reframework_revision.txt

Sharing

General

Malware Config

Signatures

Files

670462a271beb32ee7d885175c1777e9

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shell32

comdlg32

imm32

shlwapi

Exports

Exports

Sections

.text Size: 6.4MB - Virtual size: 6.4MB

.rdata Size: 5.2MB - Virtual size: 5.2MB

.data Size: 167KB - Virtual size: 355KB

.pdata Size: 267KB - Virtual size: 267KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 38KB - Virtual size: 37KB

60cb0e399107eafb5e9071ed553ad4ab

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

b8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bfSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 530KB - Virtual size: 529KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 14KB - Virtual size: 22KB

.pdata Size: 26KB - Virtual size: 25KB

.rsrc Size: 43KB - Virtual size: 43KB

.reloc Size: 6KB - Virtual size: 5KB

052c00693b849bafabd05b34c983e623

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 479KB - Virtual size: 478KB

.rdata Size: 114KB - Virtual size: 114KB

.data Size: 7KB - Virtual size: 13KB

.pdata Size: 20KB - Virtual size: 19KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 6.4MB - Virtual size: 6.4MB

.rdata
Size: 5.2MB - Virtual size: 5.2MB

.data
Size: 167KB - Virtual size: 355KB

.pdata
Size: 267KB - Virtual size: 267KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 38KB - Virtual size: 37KB

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

b8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bf
Signer

.text
Size: 530KB - Virtual size: 529KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 14KB - Virtual size: 22KB

.pdata
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 43KB - Virtual size: 43KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 479KB - Virtual size: 478KB

.rdata
Size: 114KB - Virtual size: 114KB

.data
Size: 7KB - Virtual size: 13KB

.pdata
Size: 20KB - Virtual size: 19KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB