PDB path: E:\CHEAT DEVELOPMENT JOURNEY\Vizsploit V3\build\cheat.pdb
Static task
static1
General
Target: cheat.dll
Size: 372KB
MD5: 0db8f5b0826b44a8da8cbf9c72399441
SHA1: b699922a255fa9f27c3042b0bf5f50e166a77a14
SHA256: 4b3861d681a4ffb08eda1f31c6fe1d433f1290b9b80a09ff3a64bfaf49fa9696
SHA512: 703c6b31ba12e72f5c3a01334b78b9bc6fbefaa459e6249d598ddd6e261a6b021ec2285dc911314b2fac697332ff96fed45b2507869e88c16f206392b49b0807
SSDEEP: 6144:1wlefA8ZK21qZp9bVR+DGZ9Z5taXqkLyrBLx+Ln7uN7yHievqE7y:dA8L1qZpt+iZ9Z5taXI4Ln6R
Malware Config
Signatures
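Unsigned PE (1 IoC)
Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate binaries are unsigned; weigh it together with the other findings in this report.
Resource: cheat.dll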
Files
cheat.dll.dll windows:6 windows x64 arch:x64
8b637d087b873efbe84381d6f85bf885
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
E:\CHEAT DEVELOPMENT JOURNEY\Vizsploit V3\build\cheat.pdb
Imports
kernel32
GlobalUnlock
GetLocaleInfoA
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
QueryPerformanceCounter
GetSystemInfo
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
FlushInstructionCache
GetModuleHandleW
GetCurrentProcessId
GetThreadContext
HeapDestroy
HeapAlloc
HeapReAlloc
GetLastError
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
GlobalLock
Thread32First
Thread32Next
GetCurrentProcess
HeapFree
VirtualProtect
HeapCreate
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GlobalFree
GlobalAlloc
MultiByteToWideChar
VirtualQuery
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
EnterCriticalSection
CreateThread
CloseHandle
WideCharToMultiByte
DisableThreadLibraryCalls
Sleep
GetCurrentThreadId
GetModuleHandleA
user32
GetCapture
ScreenToClient
SetCapture
LoadCursorA
GetMessageExtraInfo
GetKeyState
RegisterClassExA
UnregisterClassA
GetForegroundWindow
DefWindowProcA
CallWindowProcA
GetAsyncKeyState
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
IsWindowUnicode
DestroyWindow
ClientToScreen
TrackMouseEvent
mouse_event
GetClientRect
SetWindowLongPtrA
CreateWindowExA
SetCursor
GetKeyboardLayout
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmSetCandidateWindow
d3dcompiler_47
D3DCompile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
memcmp
memchr
memmove
__std_exception_destroy
__std_exception_copy
__std_type_info_destroy_list
_CxxThrowException
memset
__C_specific_handler
__current_exception_context
__current_exception
strstr
__std_terminate
api-ms-win-crt-heap-l1-1-0
calloc
_callnewh
malloc
free
api-ms-win-crt-stdio-l1-1-0
fread
__stdio_common_vsprintf_s
__acrt_iob_func
fflush
__stdio_common_vsscanf
ftell
__stdio_common_vsprintf
_wfopen
fwrite
fclose
fseek
__stdio_common_vfprintf
api-ms-win-crt-runtime-l1-1-0
_crt_atexit
_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
terminate
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-string-l1-1-0
strncmp
strncpy
strcmp
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-math-l1-1-0
ceilf
acosf
_fdclass
cosf
fmod
fmodf
sqrtf
cos
sin
sinf
Sections
.text Size: 271KB - Virtual size: 270KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 624B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ