tenacity[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

tenacity.zip
Size

29.0MB
MD5

efe532d4458c6c96a59f40c03dcbb53d
SHA1

621b9253fad607d42daec2f04c59ae30a3b8e5e9
SHA256

f470ffd94b60bfecdce09fa3b4239ccb0ec793f0c2946f0fc0e4f4110e1e6661
SHA512

08fe9a72217ea6c07c1c80da74a19c063bf538a53e61ae0c47ff8508c266ea16a16eaf671b08b14ba1dd84cdc8621471d041458fa3babb865873747d61850c2c
SSDEEP

786432:yXrcRyuE1ssBZ/xO6i3jXnqcAtkJDO8wn6fO2UP:y7cgv1ssBZ/xOBXnqNky6GVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MinHook.exe
unpack001/RakunCr/tenacity.dll
unpack001/injector.exe

Files

tenacity.zip
.zip
MinHook.exe
.exe windows:6 windows x64 arch:x64

4cae379359c046b984704df21c4aa53a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\VallexPrime1907\Desktop\MinHookDisabler-master\x64\Debug\MinHook disabler.pdb

Imports

dbghelp

ImageNtHeader

kernel32

GetProcAddress
FreeLibrary
DebugActiveProcess
DebugActiveProcessStop
CloseHandle
OpenProcess
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
K32EnumProcessModulesEx
K32GetModuleBaseNameA
K32GetModuleFileNameExA
K32GetModuleInformation
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
GetCurrentThreadId

user32

FindWindowA
GetWindowThreadProcessId

msvcp140d

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xbad_alloc@std@@YAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exceptions@std@@YAHXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
??Bid@locale@std@@QEAA_KXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??7ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

vcruntime140d

__std_type_info_destroy_list
__C_specific_handler_noexcept
__C_specific_handler
memchr
__current_exception_context
__std_exception_destroy
__std_exception_copy
memmove
memcpy
memcmp
__current_exception
__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
_CxxThrowException
__vcrt_LoadLibraryExW

vcruntime140_1d

__CxxFrameHandler4

ucrtbased

_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
exit
_exit
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
strcpy_s
strcat_s
__stdio_common_vsprintf_s
__setusermatherr
_wmakepath_s
_wsplitpath_s
wcscpy_s
_configure_narrow_argv
_callnewh
_CrtDbgReportW
_malloc_dbg
_free_dbg
_unlock_file
_lock_file
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
_CrtDbgReport
strcmp
_invalid_parameter
_set_app_type
_seh_filter_exe
terminate
malloc

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 871B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RakunCr/shoeidad.jar
.jar
RakunCr/tenacity.dll
.dll windows:6 windows x64 arch:x64

f2d77af582b6c2da129fc4f1277f30f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Hinok\Desktop\Return=Speed\x64\Debug\SpeedForce.pdb

Imports

jvm

JNI_GetCreatedJavaVMs

opengl32

glViewport
glOrtho
glMatrixMode
glLoadIdentity
wglCreateContext
wglGetCurrentContext
glGetIntegerv
wglMakeCurrent
glDisable

kernel32

OpenThread
GetThreadContext
FreeLibrary
GetProcAddress
LoadLibraryA
VerSetConditionMask
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleHandleA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
AllocConsole
VirtualAlloc
VirtualProtect
VirtualFree
GetCurrentProcessId
SuspendThread
ResumeThread
Sleep
CloseHandle
CreateToolhelp32Snapshot
Thread32First
Thread32Next
VirtualQuery
GetSystemInfo
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
GetCurrentProcess
HeapFree
HeapReAlloc
HeapDestroy
HeapAlloc
HeapCreate
GetLastError
SetThreadContext
GetProcessHeap
RaiseException
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
FlushInstructionCache

user32

EmptyClipboard
CallWindowProcA
SetWindowLongPtrW
GetClipboardData
FindWindowA
SetClipboardData
GetAsyncKeyState
TrackMouseEvent
GetKeyState
GetCapture
SetCapture
ReleaseCapture
CloseClipboard
OpenClipboard
SetProcessDPIAware
MonitorFromWindow
LoadCursorW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
ReleaseDC
GetDC
GetForegroundWindow

gdi32

DeleteObject
CreateRectRgn
GetDeviceCaps

msvcp140d

?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
?_Throw_Cpp_error@std@@YAXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?_Xout_of_range@std@@YAXPEBD@Z
?good@ios_base@std@@QEBA_NXZ
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

dwmapi

DwmIsCompositionEnabled
DwmGetColorizationColor
DwmEnableBlurBehindWindow

imm32

ImmGetContext
ImmAssociateContextEx
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext

vcruntime140d

__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__C_specific_handler_noexcept
__current_exception_context
__current_exception
__C_specific_handler
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__vcrt_LoadLibraryExW
memmove
memcmp
memchr
memset
memcpy
strstr

vcruntime140_1d

__CxxFrameHandler4

ucrtbased

_beginthreadex
_localtime64_s
_mktime64
_time64
realloc
_wfopen_s
_wfreopen_s
_fseeki64
_ftelli64
remove
_wstat64
_utime64
cos
sin
_CrtDbgReportW
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_callnewh
_initterm
_initterm_e
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_free_dbg
_CrtDbgReport
_wsplitpath_s
wcscpy_s
terminate
atof
sqrtf
sinf
cosf
ceilf
acosf
toupper
fmodf
fabs
qsort
malloc
free
__stdio_common_vsprintf
fwrite
ftell
fseek
fread
fflush
fclose
_wfopen
strncpy
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
_wassert
strncmp
strlen
strcpy
strcmp
strcat
freopen_s
_invalid_parameter
powf
logf
atan2f
pow
_wmakepath_s
log

Sections

.text
Size: 1012KB - Virtual size: 1011KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
injector.exe
.exe windows:6 windows x64 arch:x64

7e6f843e180f652b46be85120eb2744e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\laz_ziya\Desktop\BobHCSGOInjector-master\x64\Debug\fly.pdb

Imports

kernel32

WriteProcessMemory
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
ReadProcessMemory
WideCharToMultiByte
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
VirtualFreeEx
OpenProcess
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
MultiByteToWideChar
RaiseException
IsDebuggerPresent
GetCurrentThreadId
FreeLibrary

user32

MessageBoxA
GetWindowThreadProcessId
FindWindowA

comdlg32

GetOpenFileNameW

msvcp140d

?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z

vcruntime140d

memcmp
memset
memcpy
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__C_specific_handler
__vcrt_GetModuleHandleW
__C_specific_handler_noexcept
__std_type_info_destroy_list
__current_exception
__current_exception_context
__vcrt_GetModuleFileNameW
memmove
__vcrt_LoadLibraryExW

vcruntime140_1d

__CxxFrameHandler4

ucrtbased

_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
strcat_s
__stdio_common_vsprintf_s
__p___argc
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s
_c_exit
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_configure_narrow_argv
_cexit
__setusermatherr
_set_app_type
_seh_filter_exe
malloc
_callnewh
_CrtDbgReportW
_CrtDbgReport
strlen
strcpy_s
_invalid_parameter
_errno
_invalid_parameter_noinfo
_set_fmode
__p___argv
_free_dbg
_initialize_narrow_environment

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 482B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tenacity/Fonts/check.ttf
tenacity/Fonts/tenacity.ttf
tenacity/Fonts/tenacitybold.ttf
tenacity/Loader/default.ttf
tenacity/Loader/defaultbold.ttf
tenacity/Loader/icon.ttf
tenacity/Loader/medium.ttf
tenacity/Shaders/bloom.frag
tenacity/Shaders/gaussian.frag
tenacity/Shaders/glow.frag
tenacity/Shaders/gradient.frag
tenacity/Shaders/gradientMask.frag
tenacity/Shaders/kawaseDown.frag
tenacity/Shaders/kawaseUp.frag
tenacity/Shaders/outline.frag
tenacity/Shaders/roundRectOutline.frag
tenacity/Shaders/roundRectTextured.frag
tenacity/Shaders/vertex.vsh
tenacity/log.txt

Sharing

General

Malware Config

Signatures

Files

4cae379359c046b984704df21c4aa53a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dbghelp

kernel32

user32

msvcp140d

vcruntime140d

vcruntime140_1d

ucrtbased

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 12KB - Virtual size: 12KB

.idata Size: 11KB - Virtual size: 11KB

.msvcjmc Size: 1024B - Virtual size: 871B

.00cfg Size: 512B - Virtual size: 373B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

f2d77af582b6c2da129fc4f1277f30f2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jvm

opengl32

kernel32

user32

gdi32

msvcp140d

dwmapi

imm32

vcruntime140d

vcruntime140_1d

ucrtbased

Sections

.text Size: 1012KB - Virtual size: 1011KB

.rdata Size: 259KB - Virtual size: 258KB

.data Size: 5KB - Virtual size: 29KB

.pdata Size: 35KB - Virtual size: 35KB

.msvcjmc Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

7e6f843e180f652b46be85120eb2744e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

comdlg32

msvcp140d

vcruntime140d

vcruntime140_1d

ucrtbased

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 10KB - Virtual size: 10KB

.idata Size: 6KB - Virtual size: 5KB

.msvcjmc Size: 512B - Virtual size: 482B

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 805B

.textbss
Size: - Virtual size: 64KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 12KB - Virtual size: 12KB

.idata
Size: 11KB - Virtual size: 11KB

.msvcjmc
Size: 1024B - Virtual size: 871B

.00cfg
Size: 512B - Virtual size: 373B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 1012KB - Virtual size: 1011KB

.rdata
Size: 259KB - Virtual size: 258KB

.data
Size: 5KB - Virtual size: 29KB

.pdata
Size: 35KB - Virtual size: 35KB

.msvcjmc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 10KB - Virtual size: 10KB

.idata
Size: 6KB - Virtual size: 5KB

.msvcjmc
Size: 512B - Virtual size: 482B

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 805B