Z:\export\jenkins\workspace\int8-build-stream-pcv2\obj\v141\x64\PC\PlatinumSteam\GameP.pdb
Static task
static1
General
Target
GoW.exe
Size
18.9MB
MD5
78263e034f32b50c83e907a0af4e855d
SHA1
876c342fd603bdabce4fb2d4f5586cfaf298811a
SHA256
a3b83b8747d44e1162f5abf951c9901a5e0aced9b9ff7df47c931849b5eaf4f7
SHA512
fe1f393147ebfd11a66f02562c6447fd92f97b9638f1371295b23ffb681ff728c0d45a03a4851893e3e7e7c89475f0c3a795b691565df5a6ce7d269a3106fc7a
SSDEEP
196608:ypKoIuJpab90T6Y3mnSyy6KZ2RMyAI9rk2RqEVyyEeDzX:wIwpab9493mnSyy6+2RMbI/wEVzD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource GoW.exe
Files
GoW.exe.exe windows:10 windows x64 arch:x64
6a33d01d5b64f8a069e52a45d4140916
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_NET_RUN_FROM_SWAP
PDB Paths
Imports
kernel32
ResetEvent
SetEvent
InitializeCriticalSection
WaitForSingleObject
FindClose
FindNextFileA
LeaveCriticalSection
GetFileAttributesExA
SetThreadExecutionState
GetPrivateProfileStringA
LocalSize
WritePrivateProfileStringA
FormatMessageW
LocalAlloc
CreateEventA
FindFirstFileExA
lstrlenW
LocalFree
CloseHandle
GetDiskFreeSpaceExW
GetFileAttributesW
CreateFileW
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CreateDirectoryW
CreateDirectoryA
DebugBreak
IsDebuggerPresent
ExitProcess
GetModuleFileNameW
GetLargePageMinimum
VirtualAlloc
VirtualFree
SetUnhandledExceptionFilter
WideCharToMultiByte
FreeLibrary
GlobalMemoryStatusEx
GetProcAddress
LoadLibraryW
RaiseException
K32GetProcessMemoryInfo
MultiByteToWideChar
SetErrorMode
GetUserDefaultLocaleName
OutputDebugStringA
GetCurrentProcess
GetSystemInfo
FormatMessageA
GetLastError
VerifyVersionInfoW
VerSetConditionMask
Sleep
GetModuleHandleA
GetModuleFileNameA
GetModuleHandleW
LoadLibraryExW
LoadLibraryA
SetEnvironmentVariableW
InitializeCriticalSectionEx
ReleaseMutex
CreateMutexA
CreateFiber
ConvertThreadToFiber
ConvertFiberToThread
SwitchToFiber
DeleteFiber
GetFullPathNameW
CreateProcessW
CreateProcessA
SetEnvironmentVariableA
GetEnvironmentVariableA
CreateSemaphoreA
GetModuleHandleExA
GetStdHandle
ReleaseSemaphore
GetCurrentProcessId
CreateWaitableTimerA
AllocConsole
WriteConsoleA
SetConsoleTitleA
UnmapViewOfFile
SetWaitableTimer
CreateFileA
GetThreadId
GetCurrentThread
DuplicateHandle
ResumeThread
TryEnterCriticalSection
CreateFileMappingA
CreateJobObjectA
QueryFullProcessImageNameA
AssignProcessToJobObject
SetInformationJobObject
GetFileSize
GetSystemTime
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
MapViewOfFile
GetFileTime
SetFileTime
GetFileAttributesA
MoveFileExA
GetSystemTimeAsFileTime
CreateThread
DeleteCriticalSection
DeviceIoControl
DeleteFileA
VirtualProtect
VirtualQuery
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
GetVersionExA
SleepEx
OutputDebugStringW
GetSystemDirectoryW
SetLastError
lstrcmpA
EnterCriticalSection
GetConsoleWindow
FreeConsole
GetTickCount
ExpandEnvironmentStringsA
WaitForMultipleObjects
PeekNamedPipe
GetFileType
TerminateThread
GetThreadContext
SetThreadContext
QueryPerformanceFrequency
SetThreadAffinityMask
SetThreadPriority
WaitForMultipleObjectsEx
FileTimeToSystemTime
user32
TranslateMessage
ClipCursor
DefWindowProcA
SendMessageA
SetCapture
LoadIconA
GetClientRect
PeekMessageA
PostQuitMessage
DestroyWindow
GetParent
ShowWindow
AdjustWindowRect
MoveWindow
RegisterClassExA
SetThreadDpiAwarenessContext
RegisterHotKey
ReleaseCapture
ShowCursor
InvalidateRect
SetCursorPos
GetCursorPos
BeginPaint
EndPaint
VkKeyScanA
MapVirtualKeyA
LoadKeyboardLayoutA
TrackMouseEvent
SetWindowPlacement
GetWindowLongA
ClientToScreen
SetWindowLongA
GetCursorInfo
GetCapture
IsWindow
GetWindowPlacement
ScreenToClient
SetWindowPos
LoadCursorA
GetWindowRect
DispatchMessageA
UnregisterHotKey
CreateWindowExA
GetWindowLongPtrW
CallWindowProcW
SetWindowLongPtrW
PtInRect
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetRawInputData
GetWindowThreadProcessId
EnumDisplayDevicesA
MessageBoxA
EnumDisplaySettingsA
GetMonitorInfoA
EnumDisplayMonitors
MonitorFromWindow
SetProcessDpiAwarenessContext
GetAncestor
GetForegroundWindow
RegisterRawInputDevices
MessageBoxW
GetKeyboardLayout
MapVirtualKeyExA
version
GetFileVersionInfoA
VerQueryValueA
xinput1_4
ord3
ord2
dxgi
CreateDXGIFactory1
d3d11
D3D11CreateDevice
d3dcompiler_47
D3DReflect
msvcp140
?_MP_Add@std@@YAXQEA_K_K@Z
?_MP_Mul@std@@YAXQEA_K_K1@Z
?_MP_Get@std@@YA_KQEA_K@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?_MP_Rem@std@@YAXQEA_K_K@Z
?_Xlength_error@std@@YAXPEBD@Z
iphlpapi
GetAdaptersInfo
vcruntime140
__std_type_info_destroy_list
__C_specific_handler
longjmp
__intrinsic_setjmp
memchr
_CxxThrowException
memmove
memcmp
memcpy
wcsstr
wcsrchr
memset
_set_purecall_handler
strrchr
strchr
strstr
wcschr
set_unexpected
__std_terminate
__CxxFrameHandler3
_purecall
api-ms-win-crt-stdio-l1-1-0
fputc
_setmaxstdio
_fsopen
_ftelli64
__stdio_common_vswprintf_s
__stdio_common_vswprintf
freopen
getc
feof
_telli64
_read
ftell
ferror
_lseeki64
rewind
fseek
_open
_close
fputs
_mktemp_s
__stdio_common_vsprintf
setvbuf
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
_fileno
_get_osfhandle
fopen
fclose
fgets
__stdio_common_vfprintf_s
_set_fmode
_wfsopen
_fseeki64
__stdio_common_vsprintf_s
fwrite
fopen_s
__p__commode
fread
fflush
_filelengthi64
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_set_abort_behavior
_cexit
exit
set_terminate
_crt_at_quick_exit
_set_invalid_parameter_handler
_exit
_c_exit
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_endthreadex
_initialize_narrow_environment
_getpid
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo
abort
_controlfp
strerror
_register_thread_local_exe_atexit_callback
_crt_atexit
__sys_nerr
_beginthreadex
_errno
terminate
api-ms-win-crt-string-l1-1-0
_wcsicmp
isalpha
isdigit
_strlwr
_strupr
_strdup
_strnicmp
_stricmp
wcsncpy_s
wcstok
strtok
strncmp
tolower
isspace
strncpy_s
_wcsdup
strcmp
strncat
strncpy
strcpy_s
_wcsupr
wcsncpy
wcsncat_s
_wcsnicmp
wcscat_s
wcscpy_s
wcsnlen
ispunct
isprint
isupper
islower
iscntrl
isxdigit
isgraph
strspn
isalnum
toupper
strpbrk
strcoll
api-ms-win-crt-heap-l1-1-0
calloc
_aligned_malloc
free
_aligned_realloc
malloc
_set_new_mode
_aligned_free
realloc
api-ms-win-crt-utility-l1-1-0
bsearch
qsort
rand
srand
api-ms-win-crt-convert-l1-1-0
atof
strtod
strtol
atoi
strtoul
wcstombs
mbstowcs
_strtoi64
_itoa
wcsrtombs
strtof
api-ms-win-crt-environment-l1-1-0
getenv
_putenv
api-ms-win-crt-math-l1-1-0
cbrtf
roundf
log2f
tanhf
modf
fmod
atan2f
pow
sin
exp2f
powf
log10
frexp
fmodf
acosf
expf
exp
asinf
_finite
logf
sinf
sinhf
tanf
coshf
cosf
atanf
ldexp
log10f
_fdclass
modff
cos
log
__setusermatherr
_fdtest
api-ms-win-crt-time-l1-1-0
strftime
_localtime64
_gmtime64
_time64
_localtime64_s
api-ms-win-crt-filesystem-l1-1-0
_stat64
_splitpath
_fstat64
_splitpath_s
api-ms-win-crt-locale-l1-1-0
localeconv
_configthreadlocale
libscepad
scePadRead
scePadSetLightBar
scePadSetVibration
scePadOpen
scePadSetParticularMode
scePadGetControllerType
scePadResetLightBar
scePadSetVibrationMode
scePadInit
wldap32
ord60
ord143
ord41
ord33
ord79
ord46
ord200
ord27
ord26
ord22
ord301
ord32
ord35
ord30
ord50
ord211
wsock32
accept
WSAStartup
setsockopt
__WSAFDIsSet
htonl
gethostname
inet_addr
getsockname
getpeername
bind
inet_ntoa
sendto
getsockopt
recv
recvfrom
connect
WSACleanup
ntohs
socket
gethostbyaddr
closesocket
gethostbyname
listen
WSAGetLastError
select
ntohl
WSASetLastError
htons
send
shutdown
libscejobmanager
??0JobManager@Job@sce@@QEAA@XZ
??1JobManager@Job@sce@@QEAA@XZ
?shutdown@JobManager@Job@sce@@QEAAHXZ
?calculateRequiredMemorySize@JobManager@Job@sce@@SA_KPEBUMemorySizeQueryParams@123@@Z
?setPersistentThreadCount@JobManager@Job@sce@@QEAAHI@Z
?getSequenceFactoryInterface@JobManager@Job@sce@@QEAAPEAVSequenceFactoryInterface@23@W4Priority@123@@Z
?initialize@JobManager@Job@sce@@QEAAHPEAX_KIIPEBUConfigParams@123@@Z
bink2w64
BinkOpenDirectSound
BinkNextFrame
BinkSetSoundSystem
BinkSetMemory
BinkWait
BinkUtilMalloc
BinkUtilFree
BinkPause
BinkRegisterGPUDataBuffers
BinkClose
BinkShouldSkip
BinkDoFramePlane
BinkOpen
BinkGetGPUDataBuffersInfo
libscegnm
?getWidthMinus1@Texture@Gnm@sce@@QEBAIXZ
?getTextureType@Texture@Gnm@sce@@QEBA?AW4TextureType@23@XZ
?getTextureChannelType@DataFormat@Gnm@sce@@QEBA?AW4TextureChannelType@23@XZ
?getSurfaceFormat@DataFormat@Gnm@sce@@QEBA?AW4SurfaceFormat@23@XZ
?getTotalArraySliceCount@Texture@Gnm@sce@@QEBAIXZ
?getLastArraySliceIndex@Texture@Gnm@sce@@QEBAIXZ
?getHeight@Texture@Gnm@sce@@QEBAIXZ
?init@TextureSpec@Gnm@sce@@QEAAXXZ
?getDepthMinus1@Texture@Gnm@sce@@QEBAIXZ
?init@Texture@Gnm@sce@@QEAAHPEBVTextureSpec@23@@Z
?getChannel@DataFormat@Gnm@sce@@QEBA?AW4TextureChannel@23@I@Z
?getBitsPerElement@DataFormat@Gnm@sce@@QEBAIXZ
?getWidth@Texture@Gnm@sce@@QEBAIXZ
?getDepth@Texture@Gnm@sce@@QEBAIXZ
?getDataFormat@Texture@Gnm@sce@@QEBA?AVDataFormat@23@XZ
?initAs2d@Texture@Gnm@sce@@QEAA?AVSizeAlign@23@IIIVDataFormat@23@W4TileMode@23@W4NumFragments@23@@Z
?getTileMode@Texture@Gnm@sce@@QEBA?AW4TileMode@23@XZ
?initAsCubemap@Texture@Gnm@sce@@QEAA?AVSizeAlign@23@IIIVDataFormat@23@W4TileMode@23@@Z
?build@DataFormat@Gnm@sce@@SA?AV123@W4SurfaceFormat@23@W4TextureChannelType@23@W4TextureChannel@23@222@Z
?initAs2dArray@Texture@Gnm@sce@@QEAA?AVSizeAlign@23@IIIIVDataFormat@23@W4TileMode@23@W4NumFragments@23@_N@Z
?initAs3d@Texture@Gnm@sce@@QEAA?AVSizeAlign@23@IIIIVDataFormat@23@W4TileMode@23@@Z
?getHeightMinus1@Texture@Gnm@sce@@QEBAIXZ
?getSizeAlign@Texture@Gnm@sce@@QEBA?AVSizeAlign@23@XZ
?getLastMipLevel@Texture@Gnm@sce@@QEBAIXZ
libscegpuaddress
?tileSurface@GpuAddress@sce@@YAHPEAXPEBXPEBVTilingParameters@12@@Z
?getMicroTileModeForSurfaceType@GpuAddress@sce@@YAHW4GpuMode@Gnm@2@PEAW4MicroTileMode@42@W4SurfaceType@12@@Z
?detileSurface@GpuAddress@sce@@YAHPEAXPEBXPEBVTilingParameters@12@@Z
?getArrayModeForSurfaceType@GpuAddress@sce@@YAHW4GpuMode@Gnm@2@PEAW4ArrayMode@42@W4SurfaceType@12@I@Z
?computeTextureSurfaceOffsetAndSize@GpuAddress@sce@@YAHPEA_K0PEBVTexture@Gnm@2@II@Z
?initFromTexture@TilingParameters@GpuAddress@sce@@QEAAHPEBVTexture@Gnm@3@II@Z
?computeSurfaceTileMode@GpuAddress@sce@@YAHW4GpuMode@Gnm@2@PEAW4TileMode@42@W4ArrayMode@42@TSurfaceFlags@12@VDataFormat@42@IW4MicroTileMode@42@@Z
?getFlagsForSurfaceType@GpuAddress@sce@@YAHW4GpuMode@Gnm@2@PEATSurfaceFlags@12@W4SurfaceType@12@W4SurfaceMipmapMode@12@@Z
ws2_32
freeaddrinfo
getnameinfo
getaddrinfo
inet_pton
steam_api64
SteamInternal_ContextInit
SteamInternal_FindOrCreateUserInterface
SteamAPI_UnregisterCallback
SteamAPI_Shutdown
SteamAPI_GetHSteamUser
SteamAPI_RegisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_Init
SteamAPI_RunCallbacks
gdi32
ExtTextOutA
SetBkColor
advapi32
ImpersonateSelf
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
LookupPrivilegeValueA
OpenProcessToken
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
CoInitializeEx
oleaut32
VariantClear
VariantInit
api-ms-win-crt-multibyte-l1-1-0
_mbsnbcpy
_mbschr
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
rpcrt4
UuidCreate
Exports
?ffxFsr2ContextCreate@@YAHPEAUFfxFsr2Context@@PEBUFfxFsr2ContextDescription@@@Z
?ffxFsr2ContextDestroy@@YAHPEAUFfxFsr2Context@@@Z
?ffxFsr2ContextDispatch@@YAHPEAUFfxFsr2Context@@PEBUFfxFsr2DispatchDescription@@@Z
?ffxFsr2ContextGetUavResource@@YA?AUFfxResource@@PEAUFfxFsr2Context@@I@Z
?ffxFsr2GetJitterOffset@@YAHPEAM0HH@Z
?ffxFsr2GetJitterPhaseCount@@YAHHH@Z
?ffxFsr2GetRenderResolutionFromQualityMode@@YAHPEAI0IIW4FfxFsr2QualityMode@@@Z
?ffxFsr2GetUpscaleRatioFromQualityMode@@YAMW4FfxFsr2QualityMode@@@Z
?ffxFsr2ResourceIsNull@@YA_NUFfxResource@@@Z
NVSDK_NGX_D3D11_AllocateParameters
NVSDK_NGX_D3D11_CreateFeature
NVSDK_NGX_D3D11_DestroyParameters
NVSDK_NGX_D3D11_EvaluateFeature
NVSDK_NGX_D3D11_EvaluateFeature_C
NVSDK_NGX_D3D11_GetCapabilityParameters
NVSDK_NGX_D3D11_GetParameters
NVSDK_NGX_D3D11_GetScratchBufferSize
NVSDK_NGX_D3D11_ReleaseFeature
NVSDK_NGX_D3D11_Shutdown
NVSDK_NGX_D3D11_Shutdown1
NVSDK_NGX_Parameter_GetD
NVSDK_NGX_Parameter_GetD3d11Resource
NVSDK_NGX_Parameter_GetD3d12Resource
NVSDK_NGX_Parameter_GetF
NVSDK_NGX_Parameter_GetI
NVSDK_NGX_Parameter_GetUI
NVSDK_NGX_Parameter_GetULL
NVSDK_NGX_Parameter_GetVoidPointer
NVSDK_NGX_Parameter_SetD
NVSDK_NGX_Parameter_SetD3d11Resource
NVSDK_NGX_Parameter_SetD3d12Resource
NVSDK_NGX_Parameter_SetF
NVSDK_NGX_Parameter_SetI
NVSDK_NGX_Parameter_SetUI
NVSDK_NGX_Parameter_SetULL
NVSDK_NGX_Parameter_SetVoidPointer
agsCheckDriverVersion
agsDeInitialize
agsDriverExtensionsDX11_BeginUAVOverlap
agsDriverExtensionsDX11_CreateDevice
agsDriverExtensionsDX11_CreateFromDevice
agsDriverExtensionsDX11_Destroy
agsDriverExtensionsDX11_DestroyDevice
agsDriverExtensionsDX11_EndUAVOverlap
agsDriverExtensionsDX11_GetMaxClipRects
agsDriverExtensionsDX11_IASetPrimitiveTopology
agsDriverExtensionsDX11_MultiDrawIndexedInstancedIndirect
agsDriverExtensionsDX11_MultiDrawIndexedInstancedIndirectCountIndirect
agsDriverExtensionsDX11_MultiDrawInstancedIndirect
agsDriverExtensionsDX11_MultiDrawInstancedIndirectCountIndirect
agsDriverExtensionsDX11_NumPendingAsyncCompileJobs
agsDriverExtensionsDX11_SetClipRects
agsDriverExtensionsDX11_SetDepthBounds
agsDriverExtensionsDX11_SetDiskShaderCacheEnabled
agsDriverExtensionsDX11_SetMaxAsyncCompileThreadCount
agsDriverExtensionsDX11_SetViewBroadcastMasks
agsDriverExtensionsDX11_WriteBreadcrumb
agsGetVersionNumber
agsInitialize
agsSetDisplayMode
g_pAKPluginList
Sections
.text Size: 13.3MB - Virtual size: 13.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.7MB - Virtual size: 64.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 608KB - Virtual size: 607KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 191KB - Virtual size: 190KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ