Scripzz v1[.]4_[unknowncheats[.]me]_[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Scripzz v1.4_[unknowncheats.me]_.zip
Size

205KB
MD5

8e69b98a1d9a7c126ce26ddf6657e6e9
SHA1

dd3bce31ffd0772e41b98a92d0a0783c188ba64a
SHA256

3f4a5281ba96503f712216fca4dc76c97e9b8a20728f0520add851a94c4666ba
SHA512

cd829a8e9127a515c52478b3aa927ade2eb9d19ef45dd2276a3b0282a7d8973b3868d48f19ef314bcdc64dee6e6ce6ff0ae4f575cb770a7c6032b29b5617ad2d
SSDEEP

6144:oNcHbZI8cKL2hFjJLwKAG2BDA1cMjpk9FHbhPxyM3tp5l:/c5h71t2dypk9FHdpy2pb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Scripzz v1.4/Rename Me v1.4.exe

Files

Scripzz v1.4_[unknowncheats.me]_.zip
.zip
Scripzz v1.4/README.txt
Scripzz v1.4/Rename Me v1.4.exe
.exe windows:6 windows x86 arch:x86

0a428aa8e58e5c425809cd61fce41758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Temp\R6 No Recoil - ChasePlays\Source\Release\ImGui Standalone.pdb

Imports

d3d11

D3D11CreateDeviceAndSwapChain

kernel32

GetProcAddress
VerSetConditionMask
GetModuleHandleW
FreeLibrary
QueryPerformanceCounter
CreateThread
GlobalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
GlobalAlloc
LoadLibraryA
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
MultiByteToWideChar
Sleep
QueryPerformanceFrequency
GetModuleHandleA
GlobalUnlock
WideCharToMultiByte
WaitForSingleObjectEx
GlobalLock
CloseHandle
ResetEvent

user32

DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
UpdateWindow
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
DestroyWindow
GetDC
SetWindowPos
MonitorFromWindow
EnumDisplayMonitors
CreateWindowExW
ScreenToClient
UnregisterClassW
SetWindowTextW
RegisterClassExW
WindowFromPoint
MessageBoxA
ShowWindow
GetCapture
GetMonitorInfoW
LoadCursorW
ClientToScreen
IsChild
TrackMouseEvent
GetForegroundWindow
SetLayeredWindowAttributes
SetFocus
BringWindowToTop
SetForegroundWindow
mouse_event
GetAsyncKeyState
SetClipboardData
GetClipboardData
ReleaseCapture
SetProcessDPIAware
GetClientRect
SetWindowLongW
SetCursor
SetCapture
IsIconic
SetCursorPos
ReleaseDC
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard

gdi32

GetDeviceCaps

msvcp140

?good@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??Bid@locale@std@@QAEIXZ
?_Random_device@std@@YAIXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?uncaught_exceptions@std@@YAHXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z

imm32

ImmAssociateContextEx
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

d3dcompiler_47

D3DCompile

vcruntime140

_except_handler4_common
memset
_CxxThrowException
memmove
memcpy
memchr
__current_exception_context
__current_exception
strstr
__std_terminate
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
terminate
_seh_filter_exe
_set_app_type
_register_onexit_function
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
_exit
_errno
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_controlfp_s
exit
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-stdio-l1-1-0

fflush
fclose
__p__commode
__stdio_common_vfprintf
__stdio_common_vsscanf
_wfopen
fputc
fgetc
fwrite
fseek
__acrt_iob_func
_set_fmode
ftell
_get_stream_buffer_pointers
__stdio_common_vsprintf_s
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
__stdio_common_vsprintf

api-ms-win-crt-convert-l1-1-0

atof
strtof
strtol

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-string-l1-1-0

strncpy
strncmp
strcpy_s

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh

api-ms-win-crt-math-l1-1-0

_libm_sse2_sqrt_precise
ceil
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_libm_sse2_acos_precise
_CIfmod
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Scripzz v1.4/config.txt
Scripzz v1.4/values.txt

Sharing

General

Malware Config

Signatures

Files

0a428aa8e58e5c425809cd61fce41758

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

kernel32

user32

gdi32

msvcp140

imm32

d3dcompiler_47

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 329KB - Virtual size: 328KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 329KB - Virtual size: 328KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 10KB - Virtual size: 10KB