C:\Users\Kenei\Desktop\UCMiraka-ValorantExternal-master\x64\Release\Kernel.pdb
Static task
static1
1 signatures
General
-
Target
28-06-2024_xQFKGU5gk3XQaJT.zip
-
Size
202KB
-
MD5
ee1cd4910f797c38047596be708f2840
-
SHA1
0c2a39ee1b181b4d03b79d5a786d253f51cdbd90
-
SHA256
fe4f56ff6bd9276c8ed8729589caffe176bc105454c31c89c0922d304eacbf35
-
SHA512
755fabc773ef2f9c5f7fb16076dc0e087bd7eb8f8e715103fe24c0c2d9f837e792109aa9bcb2452a94090e608c5300d0b10c3119a33a7e88824c216bb3c999d8
-
SSDEEP
6144:Q3ydFuacKOmumz/hC0eCqlGY5asmjI4LU:AydF3cKzuI/YJJGY5abj5LU
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/Valorant ESP Hack/Kernel.sys unpack001/Valorant ESP Hack/Mapper.exe unpack001/Valorant ESP Hack/Valorant.exe
Files
-
28-06-2024_xQFKGU5gk3XQaJT.zip.zip
Password: 123
-
Valorant ESP Hack/Kernel.sys.dll windows:6 windows x64 arch:x64
Password: 123
a44ad34e1dd0aef294ba32d4f7e2ba94
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
ntoskrnl.exe
ExAllocatePool
ZwQuerySystemInformation
DbgPrintEx
ObfDereferenceObject
tolower
MmUnmapIoSpace
IoGetCurrentProcess
PsLookupProcessByProcessId
MmCopyMemory
RtlGetVersion
MmMapIoSpaceEx
ExAllocatePoolWithTag
ExFreePoolWithTag
strcmp
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1010B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 108B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Valorant ESP Hack/Load Driver [ADMIN].bat
-
Valorant ESP Hack/Mapper.exe.exe windows:6 windows x64 arch:x64
Password: 123
afc1f930b16856804326528e39e42dd5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\XD\kdmapper-master\kdmapper-master\x64\Release\kdmapper.pdb
Imports
kernel32
GetCurrentThreadId
GetModuleHandleA
GetLastError
CloseHandle
CreateFileW
GetProcAddress
DeleteCriticalSection
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTempPathW
FormatMessageA
InitializeCriticalSectionEx
VirtualAlloc
DeviceIoControl
VirtualFree
GetFileAttributesExW
AreFileApisANSI
GetFileInformationByHandleEx
WideCharToMultiByte
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
LocalFree
advapi32
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegOpenKeyW
RegSetKeyValueW
msvcp140
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xlength_error@std@@YAXPEBD@Z
ntdll
NtQuerySystemInformation
RtlInitUnicodeString
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__current_exception
__C_specific_handler
memset
_CxxThrowException
__std_terminate
__std_exception_destroy
memcpy
memcmp
__current_exception_context
memmove
__std_exception_copy
api-ms-win-crt-stdio-l1-1-0
_fseeki64
fread
fsetpos
ungetc
fputc
fflush
_set_fmode
setvbuf
fgetpos
fwrite
__p__commode
_get_stream_buffer_pointers
fgetc
fclose
api-ms-win-crt-heap-l1-1-0
malloc
_set_new_mode
_callnewh
free
api-ms-win-crt-utility-l1-1-0
rand
srand
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_wremove
_unlock_file
api-ms-win-crt-string-l1-1-0
_wcsicmp
_stricmp
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_initterm
__p___wargv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_c_exit
exit
_register_thread_local_exe_atexit_callback
terminate
_invalid_parameter_noinfo_noreturn
_exit
__p___argc
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
Sections
.text Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 252B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Valorant ESP Hack/Valorant.exe.exe windows:6 windows x64 arch:x64
Password: 123
4783753ff7d43e7e3556102b6b69404d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Danya\Desktop\ValorantCheatExternal-master\x64\Release\Valorant.pdb
Imports
kernel32
FreeLibrary
QueryPerformanceCounter
SetLastError
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
Process32FirstW
CloseHandle
CreateThread
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceFrequency
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetProcAddress
LoadLibraryA
GlobalUnlock
WideCharToMultiByte
GlobalFree
GlobalLock
GlobalAlloc
MultiByteToWideChar
user32
GetWindowLongW
SetLayeredWindowAttributes
TranslateMessage
LoadIconW
SetWindowLongW
GetDesktopWindow
RegisterClassExA
GetWindowThreadProcessId
GetKeyState
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
ScreenToClient
CreateWindowExA
GetWindowRect
DestroyWindow
SetWindowPos
GetSystemMetrics
ShowWindow
GetAsyncKeyState
DefWindowProcA
DispatchMessageW
PeekMessageW
MoveWindow
EnumWindows
UpdateWindow
ClientToScreen
OpenClipboard
GetCursorPos
SetCursorPos
GetClientRect
SetCursor
LoadCursorW
GetForegroundWindow
GetWindow
imm32
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmAssociateContextEx
dwmapi
DwmExtendFrameIntoClientArea
msvcp140
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
?_Xlength_error@std@@YAXPEBD@Z
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
d3d9
Direct3DCreate9Ex
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
__C_specific_handler
__current_exception_context
__current_exception
__std_exception_copy
__std_exception_destroy
_CxxThrowException
strstr
__std_terminate
memchr
memcmp
memcpy
memmove
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
_wfopen
fwrite
_set_fmode
__p__commode
__stdio_common_vfprintf
fseek
fclose
fflush
__acrt_iob_func
__stdio_common_vsscanf
ftell
fread
__stdio_common_vsprintf_s
api-ms-win-crt-string-l1-1-0
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
free
malloc
_set_new_mode
_callnewh
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_cexit
__p___argc
__p___argv
_c_exit
_set_app_type
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
terminate
exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_initialize_narrow_environment
_beginthreadex
api-ms-win-crt-math-l1-1-0
cosf
sinf
ceilf
acosf
sqrtf
__setusermatherr
tanf
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 190KB - Virtual size: 190KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 184B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ