3c7815750a3c6e25dc815684fd4404c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c7815750a3c6e25dc815684fd4404c6_JaffaCakes118
Size

16.2MB
MD5

3c7815750a3c6e25dc815684fd4404c6
SHA1

bd16bd6fdf049ed56186a31b53c19d19e0f9d442
SHA256

873dee0b088847a9e5b4ab29598ad35b46c62b0ce7f1cf776a70adad81b28529
SHA512

46cc2774c79abe6104651a092722a30774c4c792d35ba692a0729b8fba64023b1a4904163d6dbe359d4627db45ff2765bf3955ebce6bbf6ab999a06d17813680
SSDEEP

393216:tzmiT+YfekWK/cyaa+HbnZjJcpoMXo2lCGor0ub9zaw4:9KAekt/cyNmbn5JF0k9N4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 7 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Auto Kill.exe	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot1.exe	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot2.exe	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/LEHook.dll	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/ceregr3set.exe	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/emptyproc3ss.exe	upx
static1/unpack001/Pacote - Hacker By Lover/Bonus +/Pause+To+Kill.exe	upx

AutoIT Executable 2 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack002/out.upx	autoit_exe
static1/unpack008/out.upx	autoit_exe

Unsigned PE 42 IoCs

Checks for missing Authenticode signature.

resource
3c7815750a3c6e25dc815684fd4404c6_JaffaCakes118
unpack001/Pacote - Hacker By Lover/Bonus +/Auto Kill.exe
unpack002/out.upx
unpack001/Pacote - Hacker By Lover/Bonus +/C4astr0~ Trainer.exe
unpack001/Pacote - Hacker By Lover/Bonus +/C4sTr0~ Skill Cheat.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Crosshair 2.0 [VIP] By Lover.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Injectores/CLB_Injector V1.3.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Injectores/Injack nnss.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Injectores/PerX.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Injectores/Web Cheats Utilities v3.0.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot1.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot2.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/LEHook.dll
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveengine0.5.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveengine0.5.exe.bak
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveless.dll
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveless.sys
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/ceregr3set.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/emptyproc3ss.exe
unpack001/Pacote - Hacker By Lover/Bonus +/LoverHex/Dialogs.dat
unpack001/Pacote - Hacker By Lover/Bonus +/LoverHex/Lover_Hex_Editor.exe
unpack001/Pacote - Hacker By Lover/Bonus +/LoverHex/whxsetup.exe
unpack001/Pacote - Hacker By Lover/Bonus +/LoverHex/zlib1.dll
unpack001/Pacote - Hacker By Lover/Bonus +/PB launcher/PBConfig.exe
unpack001/Pacote - Hacker By Lover/Bonus +/PB launcher/PBLauncher.exe
unpack001/Pacote - Hacker By Lover/Bonus +/Pause+To+Kill.exe
unpack008/out.upx
unpack001/Pacote - Hacker By Lover/Bonus +/Xtrap-Kill.exe
unpack001/Pacote - Hacker By Lover/Chams Auto On By Lover.dll
unpack001/Pacote - Hacker By Lover/Chams Configuravel by Lover ( Diogo Palos ).dll
unpack001/Pacote - Hacker By Lover/Chams Verde F1 By Lover e Bloqueado.dll
unpack001/Pacote - Hacker By Lover/ChamsWallGlass_By_TeamHackBR_2.dll
unpack001/Pacote - Hacker By Lover/D3D Vip Free By Lover.dll
unpack001/Pacote - Hacker By Lover/D3D9_test.exe
unpack001/Pacote - Hacker By Lover/Digital-Hax 1.5 By Lover.dll
unpack001/Pacote - Hacker By Lover/Digital-Hax Project Blackout v1.2.dll
unpack001/Pacote - Hacker By Lover/F1+F2 By Lover.dll
unpack001/Pacote - Hacker By Lover/F1.F2.F3.F4.dll
unpack001/Pacote - Hacker By Lover/F_pb.dll
unpack001/Pacote - Hacker By Lover/Hacker Yellow Chams.dll
unpack001/Pacote - Hacker By Lover/Hax-Digital V.2.1.dll
unpack001/Pacote - Hacker By Lover/WorldChams By Lover e Bloqueado.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

3c7815750a3c6e25dc815684fd4404c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Auto Kill.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/C4astr0~ Trainer.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 248KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tugruccp
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qyduhcul
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/C4sTr0~ Skill Cheat.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 170KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lithocbx
Size: 788KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uhyxtyow
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Crosshair 2.0 [VIP] By Lover.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Diogo\Desktop\Crosshair By Lover {HardCheats] 2\Crosshair By Lover [HardCheats]\Crosshair By Lover [HardCheats]\obj\Debug\Crosshair By Lover [HardCheats].pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 219B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Injectores/CLB_Injector V1.3.exe
.exe windows:5 windows x86 arch:x86

204918057852b331fd0ab1e517e5126a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendMessageA
SendMessageW
ScrollWindow
ScreenToClient
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndMenu
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateAcceleratorTableW
CopyIcon
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
Sleep
VirtualFree
VirtualAlloc
SwitchToThread
GetACP
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAllocEx
VirtualAlloc
TryEnterCriticalSection
SwitchToThread
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
RaiseException
IsDebuggerPresent
OpenProcess
MulDiv
LockResource
LocalFree
LoadResource
LoadLibraryW
LeaveCriticalSection
IsValidLocale
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExW
GetVersion
GetTickCount
GetThreadPriority
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfoExW
GetCPInfo
GetACP
FreeResource
InterlockedExchangeAdd
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
EnumSystemLocalesW
EnumCalendarInfoW
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateRemoteThread
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
EnumFontFamiliesExW
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateICW
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileW
Chord
BitBlt
ArcTo
Arc
AngleArc
AbortDoc

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
IsEqualGUID

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_SetOverlayImage
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

winspool.drv

OpenPrinterW
EnumPrintersW
DocumentPropertiesW
ClosePrinter
GetDefaultPrinterW

shell32

ShellExecuteW

comdlg32

GetOpenFileNameW

Sections

.text
Size: 912KB - Virtual size: 912KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Injectores/Injack nnss.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Fabio\Documents\Visual Studio 2010\Projects\UNREALS TAB INJECTOR\UNREALS TAB INJECTOR\obj\x86\Debug\UNREALS TAB INJECTOR.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Injectores/PerX.exe
.exe windows:4 windows x86 arch:x86

87b324a67e18fb2e1d12308b06fa8d4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Injectores/Web Cheats Utilities v3.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 633KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/ADDRESSESFIRST.TMP
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot1.exe
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Bot2.exe
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/CEProtect.dat
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/LEHook.dll
.dll windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

UPX0
Size: - Virtual size: 324KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveengine0.5.exe
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

CODE
Size: 850KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveengine0.5.exe.bak
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

CODE
Size: 850KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveless.dll
.dll windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Exports

Exports

ChangeRegOnBP
CreateRemoteAPC
DBKResumeProcess
DBKResumeThread
DBKSuspendProcess
DBKSuspendThread
DebugProcess
GetCR3
GetCR4
GetDebugportOffset
GetIDTCurrentThread
GetIDTs
GetKProcAddress
GetLoadedState
GetPEThread
GetPhysicalAddress
GetProcessNameFromID
GetProcessnameOffset
GetSDT
GetSDTEntry
GetSDTShadow
GetSSDTEntry
GetThreadListEntryOffset
GetThreadsProcessOffset
GetP2Proces
GetP3Proces
IsValidHandle
KernelAlloc
MakeWritable
NOP
OP
OT
ProtectMe
RPM
ReadPhysicalMemory
RetrieveDebugData
SetCR3
SetSDTEntry
SetSSDTEntry
StartProcessWatch
StopDebugging
StopRegisterChange
UnprotectMe
VAE
VQE
WPM
WaitForProcessListData
WritePhysicalMemory
getAlternateDebugMethod
setAlternateDebugMethod
test
useIOCTL

Sections

CODE
Size: 178KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/Loveless.sys
.sys windows:6 windows x86 arch:x86

ef5cb445e5f1a4f80fcee90d15a286be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\i1vmoney\v53\objfre_wxp_x86\i386\IlvMoney1196.pdb

Imports

ntoskrnl.exe

KeInitializeApc
ExAllocatePool
ZwOpenProcess
IofCompleteRequest
ExAllocatePoolWithTag
ZwAllocateVirtualMemory
PsSetCreateThreadNotifyRoutine
PsSetCreateProcessNotifyRoutine
ZwQuerySystemInformation
PsSetLoadImageNotifyRoutine
MmAllocateNonCachedMemory
MmFreeNonCachedMemory
MmGetPhysicalAddress
ZwClose
ZwUnmapViewOfSection
ZwMapViewOfSection
ZwOpenSection
ObfDereferenceObject
ZwOpenThread
ObOpenObjectByPointer
DbgPrint
MmGetSystemRoutineAddress
RtlInitUnicodeString
PsLookupProcessByProcessId
memset
KeInsertQueueApc
IoDeleteSymbolicLink
IoDeleteDevice
KeClearEvent
IoCreateNotificationEvent
IoAllocateWorkItem
IoCreateSymbolicLink
IoCreateDevice
ZwQueryValueKey
ZwOpenKey
PsGetCurrentProcessId
RtlFreeAnsiString
RtlUpperString
RtlUnicodeStringToAnsiString
PsLookupThreadByThreadId
KeSetEvent
KeWaitForSingleObject
KeReleaseSemaphore
KeTickCount
KeBugCheckEx
KeDelayExecutionThread
ExFreePoolWithTag
memcpy
KeGetCurrentThread
RtlUnwind

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeGetCurrentIrql

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/MEMORYFIRST.TMP
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/cabalcacsNEW.CT
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/cabalcacsNEW1.CT
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/cabalcacsNEW2.CT
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/cabalcacsNEW2333.CT
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/ceregr3set.exe
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/driver.dat
Pacote - Hacker By Lover/Bonus +/Lover Engine 1.0/emptyproc3ss.exe
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nPack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/LoverHex/Boot Sector FAT.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Boot Sector FAT32.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Boot Sector NTFS.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Dialogs.dat
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/LoverHex/Ext Directory Entry.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Ext Group Descriptor.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Ext Inode.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Ext Superblock.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/FAT Directory Entry.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/FAT LFN Entry.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/File Type Signatures Search.txt
Pacote - Hacker By Lover/Bonus +/LoverHex/HFS+ Volume Header.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Last session Administrador.prj
Pacote - Hacker By Lover/Bonus +/LoverHex/Last session Raphael.prj
Pacote - Hacker By Lover/Bonus +/LoverHex/Lover_Hex_Editor.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 241KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 37B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/LoverHex/Master Boot Record.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/NTFS FILE Record.tpl
Pacote - Hacker By Lover/Bonus +/LoverHex/Recently Opened.dat
Pacote - Hacker By Lover/Bonus +/LoverHex/Sample script.whs
Pacote - Hacker By Lover/Bonus +/LoverHex/Text file conversion UNIX - Windows.whs
Pacote - Hacker By Lover/Bonus +/LoverHex/Text file conversion Windows - UNIX.whs
Pacote - Hacker By Lover/Bonus +/LoverHex/WinHex.cfg
Pacote - Hacker By Lover/Bonus +/LoverHex/ebcdic.dat
Pacote - Hacker By Lover/Bonus +/LoverHex/indexcha.txt
Pacote - Hacker By Lover/Bonus +/LoverHex/language.dat
Pacote - Hacker By Lover/Bonus +/LoverHex/timezone.dat
Pacote - Hacker By Lover/Bonus +/LoverHex/user.txt
Pacote - Hacker By Lover/Bonus +/LoverHex/whxsetup.exe
.exe windows:1 windows x86 arch:x86

4992effadd3dc5e3d6615ddef812b7a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolder
SHFileOperationA
SHGetPathFromIDListA

kernel32

FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
GetCommandLineA
GetFileAttributesA
GetLastError
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTickCount
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
CopyFileA
GlobalUnlock
CreateDirectoryA
RtlUnwind
RtlZeroMemory
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
VirtualAlloc
VirtualFree
WinExec
_lcreat
_lopen
_lread
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA

user32

SetWindowTextA
GetWindowTextA
GetWindowRect
IsWindow
SystemParametersInfoA
CheckDlgButton
IsDialogMessageA
BeginPaint
EndPaint
InvalidateRect
SetFocus
LoadCursorA
LoadIconA
RegisterClassA
MessageBoxA
SetCursor
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
DrawTextA
GetWindowDC
ReleaseDC
FillRect
OffsetRect
SendMessageA
wsprintfA
PostMessageA
PostQuitMessage
GetSystemMetrics
CreateWindowExA
SetWindowPos
MoveWindow
DefWindowProcA
EnableWindow

gdi32

BitBlt
GetStockObject
RealizePalette
SelectObject
SelectPalette
SetBkMode
CreateCompatibleBitmap
SetTextColor
CreateCompatibleDC
StretchBlt
TextOutA
CreatePalette
GetObjectA
CreateFontA
CreateSolidBrush
DeleteDC
DeleteObject

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

crtdll

_itoa
__GetMainArgs
exit
raise
signal
strchr

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 944B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 924B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Bonus +/LoverHex/winhex-d.cnt
Pacote - Hacker By Lover/Bonus +/LoverHex/winhex-d.hlp
Pacote - Hacker By Lover/Bonus +/LoverHex/winhex.cnt
Pacote - Hacker By Lover/Bonus +/LoverHex/winhex.hlp
Pacote - Hacker By Lover/Bonus +/LoverHex/zlib1.dll
.dll windows:4 windows x86 arch:x86

7e3560e4dd2deaa398fa039458dd4b4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
malloc
strerror
fflush
_errno
fopen
fread
fprintf
_vsnprintf
sprintf
ftell
fseek
fclose
clearerr
_fdopen
_initterm
_adjust_fdiv
fwrite
fputc

kernel32

DisableThreadLibraryCalls

Exports

Exports

adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/PB launcher/PBConfig.exe
.exe windows:5 windows x86 arch:x86

62ce500bd2bcd796cd087c35925130d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\PB_Backup_All\2011_10_21\PointBlank\Source_New\ClientSource\Distribute_Brazil\PBConfig.pdb

Imports

i3basedx

?SetEnv@i3Error@@YAXPBDH0W4I3LOG_TYPE@@@Z
?Log@i3Error@@YAXPBDZZ
?Release@i3ElementBase@@QAEXXZ
?Alloc@i3mem@@3P6APAXHHHPBDH@ZA
?i3BaseRegisterMetas@@YAXXZ
?Format@i3String@@YAXPADHPBDZZ
?i3MemoryInit@@YAXIPAD@Z
?Free@i3mem@@3P6AXPAXPBDH@ZA

i3mathdx

?i3MathRegisterMetas@@YAXXZ

i3gfxdx

??1i3VideoInfo@@UAE@XZ
?i3GfxRegisterMetas@@YAXXZ
?getDisplayMode@i3RenderContext@@SAXHW4I3G_IMAGE_FORMAT@@PAUI3G_DISPLAY_MODE_INFO@@@Z
?getDisplayModeCount@i3RenderContext@@SAHW4I3G_IMAGE_FORMAT@@@Z
?Create@i3RenderContext@@QAE_NPAVi3VideoInfo@@PAX@Z
??0i3VideoInfo@@QAE@XZ
?_NewObject@i3RenderContext@@SAPAV1@XZ

i3scenedx

?GetData@i3RegKey@@QAE_NPBDPAM@Z
?GetData@i3RegKey@@QAE_NPBDPAH@Z
?getRoot@i3RegistrySet@@QAEPAVi3RegKey@@XZ
?LoadRegistrySet@i3RegistrySet@@QAEIPBDW4REGISTRY_FILE_TYPE@@@Z
?_NewObject@i3RegistrySet@@SAPAV1@XZ
?SaveRegistrySet@i3RegistrySet@@QAEIPBDW4REGISTRY_FILE_TYPE@@@Z
?AddData@i3RegKey@@QAEXPBDM@Z
?AddData@i3RegKey@@QAEXPBDH@Z
?i3SceneRegisterMetas@@YAXXZ

kernel32

SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetCPInfo
GetOEMCP
SetErrorMode
GetModuleHandleW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
UnlockFile
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
Sleep
ExitProcess
RaiseException
HeapSize
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
InterlockedIncrement
FormatMessageA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryA
MultiByteToWideChar
lstrcmpW
GetVersionExA
lstrlenA
WritePrivateProfileStringA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryExA
WideCharToMultiByte
CompareStringA
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
RtlUnwind

user32

SetCapture
LoadCursorA
ReleaseCapture
GetSysColorBrush
CharUpperA
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DestroyMenu
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EndPaint
BeginPaint
EnableMenuItem
CheckMenuItem
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
GetMessageTime
DrawTextExA
PostMessageA
PostQuitMessage
LoadIconA
EnableWindow
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics

gdi32

DeleteObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SelectObject
GetDeviceCaps
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetStockObject
SetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
PtVisible
GetWindowExtEx
GetViewportExtEx
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemFree
CLSIDFromProgID
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CLSIDFromString

oleaut32

SysFreeString
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VariantCopy

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/PB launcher/PBLauncher.exe
.exe windows:5 windows x86 arch:x86

5320b72a0158b542881c1b5401f85e7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\GamePortal\tags\FileSyncSystem-2010-08-25-bra\Updater\Release Brazil\PBLauncher.pdb

Imports

kernel32

TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetModuleHandleW
SetErrorMode
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
HeapFree
HeapAlloc
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetACP
IsValidCodePage
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
LocalReAlloc
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
FindNextFileA
GetFileSizeEx
SetFileAttributesA
GetFileAttributesExA
FileTimeToSystemTime
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
WritePrivateProfileStringA
ReleaseMutex
CreateMutexA
GetCurrentProcessId
TlsSetValue
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
LoadLibraryA
SetLastError
lstrcmpW
GetModuleHandleA
GetProcAddress
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CompareFileTime
FindClose
FindFirstFileA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CreateFileA
WriteFile
lstrcmpiA
GetFileAttributesA
lstrcpyA
lstrlenA
GetFullPathNameA
OutputDebugStringA
SetEvent
CreateEventA
WaitForSingleObject
CloseHandle
MultiByteToWideChar
GetVolumeInformationA
CreateDirectoryA
RemoveDirectoryA
FormatMessageA
LocalFree
SetCurrentDirectoryA
Sleep
MoveFileExA
FileTimeToLocalFileTime
CopyFileA
MoveFileA
GetModuleFileNameA
GetCurrentDirectoryA
GetDiskFreeSpaceExA
GetTickCount
GetLastError
DeleteFileA
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
MulDiv
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
SetHandleCount
FindResourceA

user32

SetWindowContextHelpId
MapDialogRect
CharNextA
InvalidateRgn
CopyAcceleratorTableA
CharUpperA
WindowFromPoint
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
PostQuitMessage
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetSysColorBrush
GetCursorPos
ReleaseCapture
SetCapture
ClientToScreen
SetWindowRgn
IsRectEmpty
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
InflateRect
GetMenuItemInfoA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
RegisterClipboardFormatA
UnregisterClassA
GetClassInfoA
RegisterClassA
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDlgCtrlID
GetFocus
IsChild
GetParent
UpdateWindow
IsWindow
AdjustWindowRectEx
SetCursor
GetSysColor
LoadCursorA
CopyRect
TrackMouseEvent
KillTimer
LoadImageA
LoadIconA
SetTimer
InvalidateRect
GetClientRect
IsIconic
PostMessageA
SendMessageA
DrawIcon
FillRect
LoadBitmapA
SetRect
GetSystemMetrics
EnableWindow
CheckMenuItem

gdi32

ExtSelectClipRgn
CreatePatternBrush
GetStockObject
CreateRectRgnIndirect
GetRgnBox
GetBkColor
GetTextColor
GetTextExtentPoint32A
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
CreateSolidBrush
SetMapMode
SetBkMode
RestoreDC
SaveDC
Ellipse
LPtoDP
CreateEllipticRgn
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDIBColorTable
DeleteDC
SelectObject
StretchBlt
DeleteObject
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
CreateFontIndirectA
GetViewportExtEx

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
DragQueryFileA
ShellExecuteA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
UrlUnescapeA
PathFindExtensionA

ole32

CoRegisterMessageFilter
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
CoRevokeClassObject
OleInitialize
CoTaskMemFree
OleUninitialize
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

OleCreateFontIndirect
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
VariantChangeType
SysStringLen
SysAllocStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SafeArrayUnaccessData

gdiplus

GdiplusShutdown

wsock32

WSACleanup
gethostbyname
WSASetLastError
WSAStartup
inet_addr
getsockname
send
recv
socket
htons
connect
shutdown
closesocket
ioctlsocket

oledlg

ord8

ws2_32

WSACloseEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent

wininet

InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCloseHandle
InternetConnectA
DeleteUrlCacheEntry
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetQueryDataAvailable
InternetOpenA
InternetReadFile
InternetGetLastResponseInfoA

iphlpapi

GetAdaptersInfo

urlmon

URLDownloadToFileA

Sections

.text
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 829KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Pause+To+Kill.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Bonus +/Xtrap-Kill.exe
.exe windows:4 windows x86 arch:x86

21ae95d5a23370bcab3bb19b4a1891ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord6921
ord5679
ord6919
ord6640
ord3993
ord4124
ord2755
ord2810
ord6195
ord4215
ord2576
ord3649
ord2430
ord6266
ord1637
ord6918
ord535
ord2606
ord4219
ord3296
ord940
ord6688
ord942
ord3494
ord2507
ord355
ord538
ord4272
ord539
ord6003
ord665
ord1971
ord6381
ord5180
ord354
ord2756
ord537
ord3365
ord2574
ord4396
ord3635
ord693
ord4238
ord3991
ord6896
ord5977
ord3281
ord3728
ord810
ord4266
ord6654
ord2634
ord6655
ord4667
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord6920
ord3733
ord815
ord561
ord804
ord6433
ord2613
ord1131
ord781
ord2579
ord4400
ord3389
ord3724
ord1143
ord2078
ord6777
ord1197
ord4155
ord2858
ord3605
ord656
ord6771
ord2403
ord2015
ord4213
ord2570
ord4392
ord6732
ord3393
ord686
ord6498
ord384
ord2400
ord3298
ord3282
ord6004
ord3995
ord6776
ord2857
ord2088
ord3909
ord6868
ord925
ord6697
ord861
ord2362
ord6330
ord4197
ord6867
ord927
ord4273
ord922
ord2813
ord547
ord668
ord1972
ord3176
ord4053
ord2773
ord2762
ord356
ord3332
ord3806
ord551
ord6865
ord6414
ord3703
ord3084
ord2859
ord941
ord5438
ord3313
ord6898
ord4229
ord1569
ord2294
ord641
ord324
ord2910
ord795
ord609
ord3592
ord4419
ord5276
ord1767
ord6048
ord2506
ord4992
ord5261
ord3356
ord4704
ord4847
ord4370
ord3716
ord3397
ord3569
ord4390
ord2567
ord5286
ord6354
ord823
ord556
ord2631
ord2114
ord1088
ord3087
ord6871
ord6211
ord4294
ord858
ord1165
ord470
ord5871
ord6168
ord3871
ord1634
ord5785
ord2444
ord755
ord2406
ord3621
ord3614
ord3658
ord2371
ord3792
ord5273
ord4270
ord800
ord825
ord567
ord540
ord818
ord3737
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord4616
ord6051

msvcrt

_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
fopen
fseek
ftell
fread
printf
__setusermatherr
realloc
isdigit
isxdigit
atoi
tolower
sprintf
strncpy
wcsstr
fwprintf
fwrite
towupper
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
strncmp
__CxxFrameHandler
_purecall
free
malloc
wcstok
_except_handler3
_wcsicmp
_snwprintf
wcscpy
wcscat
wcsrchr
rand
wcslen
srand
fclose
wcscmp
sscanf
strstr
strchr
fgets
_wfopen
wcsncmp
_wcsnicmp
_wcsicoll
_wtoi
wcsncat
swprintf
wcsncpy
wcschr
isprint
memmove
swscanf

kernel32

ExpandEnvironmentStringsW
MultiByteToWideChar
DeviceIoControl
DefineDosDeviceW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
LockResource
LoadResource
SizeofResource
FindResourceW
GetDriveTypeW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
DuplicateHandle
VirtualProtect
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
FlushFileBuffers
QueryDosDeviceW
GetLogicalDrives
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
IsBadReadPtr
ResumeThread
SuspendThread
LoadLibraryW
FreeLibrary
GetExitCodeThread
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetSystemDirectoryW
InitializeCriticalSection
GetVersion
DeleteCriticalSection
GlobalUnlock
GlobalLock
LocalAlloc
CreateFileW
GetModuleFileNameW
WriteFile
WideCharToMultiByte
GetTickCount
GetWindowsDirectoryW
GetLastError
ReadFile
GetFileSize
GetLongPathNameW
Sleep
CreateThread
TerminateThread
WaitForSingleObject
GetProfileStringW
GetPrivateProfileStringW
GetCurrentProcess
OpenProcess
GetUserDefaultLangID
ExitProcess

user32

GetFocus
UnhookWindowsHookEx
ScreenToClient
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
LoadIconW
DestroyIcon
SetWindowPos
EnableMenuItem
LoadImageW
IsWindowVisible
GetClassNameW
GetWindowThreadProcessId
GetWindowTextW
EnumWindows
DestroyWindow
PostMessageW
ShowWindow
CloseClipboard
OpenClipboard
EmptyClipboard
SetClipboardData
CreatePopupMenu
AppendMenuW
wsprintfW
GetParent
SetWindowLongW
SetCursor
InvalidateRect
GetClientRect
GetCursorPos
IsWindow
EnableWindow
SendMessageW
GetWindowRect
LoadCursorW

gdi32

CreateFontW

advapi32

OpenProcessToken
CloseServiceHandle
QueryServiceConfig2W
QueryServiceConfigW
OpenServiceW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegCreateKeyW
RegSetValueExW
RegDeleteKeyW
CreateServiceW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
StartServiceW
ControlService
DeleteService
QueryServiceStatus
OpenSCManagerW
EnumServicesStatusW

shell32

ShellExecuteW
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
StrStrIA
StrStrIW
ShellExecuteExW

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Remove
_TrackMouseEvent
ImageList_GetImageCount

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
StringFromGUID2
CoInitializeEx
CoCreateInstance

msvcp60

??1_Lockit@std@@QAE@XZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

shlwapi

PathFileExistsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetSetOptionW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetOpenW
InternetReadFile
InternetCloseHandle
InternetQueryDataAvailable
HttpSendRequestW
HttpQueryInfoW
InternetConnectW

ws2_32

inet_ntoa
ntohs

Sections

.text
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 454KB - Virtual size: 711KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xuetr0
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Chams Auto On By Lover.dll
.dll windows:5 windows x86 arch:x86

4fdffb6e7a98f190c499758490f15214

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\justin.TaylorGang-PC\Desktop\new - Copy\Release\new.pdb

Imports

kernel32

GetCurrentProcess
IsBadCodePtr
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FlushInstructionCache
VirtualProtect
SetLastError
IsProcessorFeaturePresent
GetSystemInfo
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
GetLastError
OutputDebugStringA
lstrcmpiA
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
FreeLibrary

user32

GetAsyncKeyState

psapi

GetModuleInformation

msvcr90

_crt_debugger_hook
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memcpy
__CxxFrameHandler
_CIacos
_finite
qsort
memmove
atoi
toupper
isxdigit
isalpha
isalnum
isdigit
tolower
atof
free
setlocale
_strdup
_controlfp
_stricmp
_snprintf
_vsnprintf
iswspace
iswalpha
iswdigit
iswpunct
_ftol
wcsncpy
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf

gdi32

CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
ExtTextOutW
MoveToEx
ExtTextOutA
CreateCompatibleDC
SetMapMode
SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
GetObjectA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Chams Configuravel by Lover ( Diogo Palos ).dll
.dll windows:5 windows x86 arch:x86

e144987f43fb8b41f21ee294bc74bb24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Jeffrey\Desktop\Fancy PB\Release\Fancy PB.pdb

Imports

kernel32

FreeLibrary
IsBadCodePtr
GetCurrentProcess
LoadLibraryW
Sleep
GetModuleHandleA
CreateThread
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
FlushInstructionCache
VirtualProtect
SetLastError
SetUnhandledExceptionFilter

user32

GetAsyncKeyState

psapi

GetModuleInformation

d3dx9_43

D3DXCreateFontW
D3DXAssembleShader

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr90

_itow_s
??3@YAXPAX@Z
memcpy
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
??0exception@std@@QAE@ABV01@@Z
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_invalid_parameter_noinfo
sprintf
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
free
??2@YAPAXI@Z
__CxxFrameHandler3
_CxxThrowException

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Chams Verde F1 By Lover e Bloqueado.dll
.dll windows:5 windows x86 arch:x86

dd796f09747cd1b3fc508ce928fe5e9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\BFH coding\Simple CF Chams\Release\Digital-hax V1.1.pdb

Imports

kernel32

CreateFileW
CloseHandle
EnterCriticalSection
Sleep
DeleteCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetModuleFileNameW
LCMapStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetLastError
WriteFile
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LoadLibraryW
GetCurrentProcess
EncodePointer
FreeLibrary

user32

GetAsyncKeyState
MessageBoxA

shell32

ShellExecuteA

psapi

GetModuleInformation

gdi32

CreateFontIndirectW
SetTextAlign
SetMapMode
ExtTextOutW
MoveToEx
ExtTextOutA
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
CreateCompatibleDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/ChamsWallGlass_By_TeamHackBR_2.dll
.dll windows:5 windows x86 arch:x86

6b7e8792fc997e03c7d14433cf9629a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\Visual Studio 2010\Projects\1.1 test\Release\Digital-hax CrosFire Public Hack V3.0.pdb

Imports

kernel32

GetCurrentProcess
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
FlushInstructionCache
VirtualProtect
SetLastError
InterlockedCompareExchange
Sleep
InterlockedExchange
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetTimeFormatA

user32

GetAsyncKeyState
SetRect
MessageBoxA

gdi32

GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
ExtTextOutW
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
DeleteObject
SetBkColor
CreateDIBSection
DeleteDC
SetTextColor
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetObjectA

shell32

ShellExecuteA

psapi

GetModuleInformation

msvcr100

memcpy
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
__CxxFrameHandler
_finite
_CIacos
iswspace
iswalpha
iswdigit
iswpunct
strncpy
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
vsprintf_s

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/D3D Vip Free By Lover.dll
.dll windows:5 windows x86 arch:x86

b80e26426104839ae858b777abd4d9ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\Visual Studio 2010\Projects\1.1 test\Release\Digital-hax.pdb

Imports

kernel32

GetCurrentProcess
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
FlushInstructionCache
VirtualProtect
SetLastError
HeapFree
GetProcessHeap
HeapAlloc
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
GetModuleHandleA
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
GetSystemInfo
GetVersionExA
Sleep

user32

SetRect
MessageBoxA
GetAsyncKeyState
GetSystemMetrics

gdi32

GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
ExtTextOutW
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
DeleteObject
SetBkColor
CreateDIBSection
DeleteDC
SetTextColor
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetObjectA

shell32

ShellExecuteA

psapi

GetModuleInformation

msvcr100

memcpy
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
tmpfile
fclose
fwrite
fseek
fread
exit
iswspace
iswalpha
iswdigit
iswpunct
floor
setlocale
_strdup
free
ldexp
sscanf
isspace
isdigit
_setjmp3
longjmp
__CxxFrameHandler
strncpy
_CIpow
_ftol
_finite
_CIacos
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/D3D9_test.exe
.exe windows:4 windows x86 arch:x86

072dfb4d6c21d87408d5e57d102043a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLastError
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
GetTickCount
Sleep
MulDiv
GetStringTypeA
LCMapStringW
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
RaiseException
GetProcAddress
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
MultiByteToWideChar
LCMapStringA
CloseHandle

user32

DispatchMessageA
DefWindowProcA
PostQuitMessage
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
PeekMessageA
TranslateMessage

gdi32

DeleteDC
CreateCompatibleDC
CreateDIBSection
SetMapMode
GetDeviceCaps
CreateFontA
SelectObject
SetTextColor
SetBkColor
SetTextAlign
GetTextExtentPoint32A
ExtTextOutA
DeleteObject

d3d9

Direct3DCreate9

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Digital-Hax 1.5 By Lover.dll
.dll windows:5 windows x86 arch:x86

6b7e8792fc997e03c7d14433cf9629a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\Visual Studio 2010\Projects\1.1 test\Release\Digital-hax CF V2.1.5.pdb

Imports

kernel32

GetCurrentProcess
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
FlushInstructionCache
VirtualProtect
SetLastError
InterlockedCompareExchange
Sleep
InterlockedExchange
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetTimeFormatA

user32

GetAsyncKeyState
SetRect
MessageBoxA

gdi32

GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
ExtTextOutW
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
DeleteObject
SetBkColor
CreateDIBSection
DeleteDC
SetTextColor
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetObjectA

shell32

ShellExecuteA

psapi

GetModuleInformation

msvcr100

memcpy
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
__CxxFrameHandler
_finite
_CIacos
iswspace
iswalpha
iswdigit
iswpunct
strncpy
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
vsprintf_s

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Digital-Hax Project Blackout v1.2.dll
.dll windows:5 windows x86 arch:x86

5a8f5ede8e437d4c26208ea9abed8861

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\ProjectS\smallD3D\Release\Digital-hax PB.pdb

Imports

kernel32

CreateFileW
CloseHandle
EnterCriticalSection
Sleep
DeleteCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetModuleFileNameW
LCMapStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapSize
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetLastError
WriteFile
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LoadLibraryW
GetCurrentProcess
IsDebuggerPresent
IsBadCodePtr

user32

GetAsyncKeyState
SetRect
MessageBoxA

shell32

ShellExecuteA

psapi

GetModuleInformation

gdi32

CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
ExtTextOutW
MoveToEx
ExtTextOutA
CreateCompatibleDC
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
SetMapMode

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/F1+F2 By Lover.dll
.dll windows:5 windows x86 arch:x86

e13629fc29b9c5c6280e1b1d49f5356f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\VIP Hack\D3DDrv\Release\Digital-hax CF PUB By sam22.pdb

Imports

kernel32

LoadLibraryW
GetVersionExW
GetProcAddress
DisableThreadLibraryCalls
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapAlloc
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
IsProcessorFeaturePresent
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapSize
FlushFileBuffers

user32

MessageBoxW
GetAsyncKeyState
EnumDisplayDevicesW

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/F1.F2.F3.F4.dll
.dll windows:5 windows x86 arch:x86

9de319325d0a7a91f10197763ee59274

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\BFH coding\v1.5\Release\Digital-hax CrossFire Pub V1.5.pdb

Imports

kernel32

CloseHandle
EnterCriticalSection
Sleep
DeleteCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CreateFileW
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetModuleFileNameW
LCMapStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetLastError
WriteFile
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LoadLibraryW
EncodePointer
GetCurrentProcess

user32

GetAsyncKeyState
MessageBoxA

shell32

ShellExecuteA

psapi

GetModuleInformation

gdi32

SetTextAlign
SetMapMode
ExtTextOutW
MoveToEx
ExtTextOutA
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
CreateCompatibleDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/F_pb.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 39KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 622KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pacote - Hacker By Lover/Hacker Yellow Chams.dll
.dll windows:5 windows x86 arch:x86

8998356c3160ecdf200df8e00d6eadfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\Visual Studio 2008\smallD3D\Release\Dxt-Pb Pub By Mozamel V1.0.pdb

Imports

kernel32

MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
GetSystemInfo
IsProcessorFeaturePresent
WriteFile
HeapAlloc
HeapFree
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LCMapStringW
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
GetLastError
OutputDebugStringA
lstrcmpiA
GetFullPathNameA
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LoadLibraryW
TlsFree
IsBadCodePtr

psapi

GetModuleInformation

gdi32

MoveToEx
ExtTextOutA
CreateCompatibleDC
SetMapMode
SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
ExtTextOutW

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/Hax-Digital V.2.1.dll
.dll windows:5 windows x86 arch:x86

6b7e8792fc997e03c7d14433cf9629a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\Visual Studio 2010\Projects\1.1 test\Release\Digital-hax CrossFire Pulic V2.0.pdb

Imports

kernel32

GetCurrentProcess
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
FlushInstructionCache
VirtualProtect
SetLastError
InterlockedCompareExchange
Sleep
InterlockedExchange
IsProcessorFeaturePresent
GetSystemInfo
OutputDebugStringA
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetTimeFormatA

user32

GetAsyncKeyState
SetRect
MessageBoxA

gdi32

GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
ExtTextOutW
ExtTextOutA
SetTextAlign
SetMapMode
CreateCompatibleDC
SelectObject
DeleteObject
SetBkColor
CreateDIBSection
DeleteDC
SetTextColor
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetObjectA

shell32

ShellExecuteA

psapi

GetModuleInformation

msvcr100

memcpy
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
__CxxFrameHandler
_finite
_CIacos
iswspace
iswalpha
iswdigit
iswpunct
strncpy
_ftol
??2@YAPAXI@Z
??3@YAXPAX@Z
vsprintf_s

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pacote - Hacker By Lover/WorldChams By Lover e Bloqueado.dll
.dll windows:5 windows x86 arch:x86

edc9f747e53f6a65206eff6fdf4798aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Desktop\smallD3D\Release\CheatCube PB V1.0.pdb

Imports

kernel32

lstrcmpiA
OutputDebugStringA
GetLastError
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
GetSystemInfo
IsProcessorFeaturePresent
WriteFile
HeapAlloc
HeapFree
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFullPathNameA
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
LCMapStringW
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteConsoleW
LeaveCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
Sleep
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
LoadLibraryW
GetCurrentProcess
IsBadCodePtr
GetTimeFormatA
EncodePointer
FreeLibrary

user32

SetRect
GetCursorPos
GetAsyncKeyState

psapi

GetModuleInformation

gdi32

CreateFontIndirectA
SetMapMode
CreateCompatibleDC
CreateFontIndirectW
SetTextAlign
ExtTextOutW
MoveToEx
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
SelectObject
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
ExtTextOutA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 16KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 472KB

UPX1 Size: 263KB - Virtual size: 264KB

.rsrc Size: 29KB - Virtual size: 32KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 512KB - Virtual size: 512KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 26KB - Virtual size: 105KB

.rsrc Size: 37KB - Virtual size: 36KB

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 248KB - Virtual size: 584KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 992KB

tugruccp Size: 789KB - Virtual size: 792KB

qyduhcul Size: 512B - Virtual size: 4KB

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 170KB - Virtual size: 396KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 988KB

lithocbx Size: 788KB - Virtual size: 792KB

uhyxtyow Size: 512B - Virtual size: 4KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 122KB - Virtual size: 121KB

.sdata Size: 512B - Virtual size: 219B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

204918057852b331fd0ab1e517e5126a

Headers

File Characteristics

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 16KB

UPX0
Size: - Virtual size: 472KB

UPX1
Size: 263KB - Virtual size: 264KB

.rsrc
Size: 29KB - Virtual size: 32KB

.text
Size: 512KB - Virtual size: 512KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 512B - Virtual size: 4KB

tugruccp
Size: 789KB - Virtual size: 792KB

qyduhcul
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 512B - Virtual size: 4KB

lithocbx
Size: 788KB - Virtual size: 792KB

uhyxtyow
Size: 512B - Virtual size: 4KB

.text
Size: 122KB - Virtual size: 121KB

.sdata
Size: 512B - Virtual size: 219B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 912KB - Virtual size: 912KB

.itext
Size: 3KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 23KB

.bss
Size: - Virtual size: 21KB

.idata
Size: 13KB - Virtual size: 13KB

.didata
Size: 1KB - Virtual size: 1KB

.tls
Size: - Virtual size: 60B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 100KB - Virtual size: 100KB

.text
Size: 273KB - Virtual size: 272KB

.sdata
Size: 512B - Virtual size: 186B

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 77KB - Virtual size: 80KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 98KB - Virtual size: 98KB

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 10KB - Virtual size: 10KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 633KB - Virtual size: 633KB