PVZ-eagrace支线V1[.]9[.]7[.]zip

Resubmissions

18/08/2024, 19:32

240818-x81w8atdlm 7

18/08/2024, 19:27

240818-x545gatcjj 7

18/08/2024, 19:25

240818-x43j9atbmp 7

Sharing

Copy URL Twitter E-mail

General

Target

PVZ-eagrace支线V1.9.7.zip
Size

72.4MB
MD5

9e1e66b24aaf0810ea925febffb23ae2
SHA1

0f28f4bf34497279647f38480d784365d4b2360c
SHA256

cc3059b30b04ec56e979456717aeb8c4ccbdee204619d405a6d2ad5d0dcb4ca4
SHA512

e5281ef35bb6a9da8b64c03a0342963fd4893f42528582cc6fbd78fb2dd3b40b7aecd13fdae8d880aee417011c00c9f9ab7086dbc552799ec4e385a1c5a9d4f1
SSDEEP

1572864:BuIWfNdwU+RmKN0NXbxc+fm/1d0k6TxJjDDILLPTXF2fmbLQBP2PfUPuW8jR:ktshRmKsrnaz0LTxdHC2eb0BPRPulV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PVZ-eagrace支线V1.9.7/PvZ_Tools_v2.3.4.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PVZ-eagrace支线V1.9.7/PlantsVsZombies.exe
unpack001/PVZ-eagrace支线V1.9.7/bass.dll
unpack001/PVZ-eagrace支线V1.9.7/d3d8.dll
unpack001/PVZ-eagrace支线V1.9.7/你妈.dll

Files

PVZ-eagrace支线V1.9.7.zip
.zip
PVZ-eagrace支线V1.9.7/PlantsVsZombies.exe
.exe windows:4 windows x86 arch:x86

72b5f7140f032d0ab6c04972dad44354

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Popcap\Lawn\releasefinal\PlantsVsZombies.pdb

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
WinExec
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedDecrement
GetLastError
CloseHandle
FindNextFileA
Sleep
SetThreadPriority
GlobalFree
GetCurrentThread
GlobalLock
WaitForSingleObject
FindClose
GlobalUnlock
CreateMutexA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetVersionExA
FindFirstFileA
EnterCriticalSection
GetCommandLineA
MultiByteToWideChar
DeleteFileA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
CreateFileA
MulDiv
SetUnhandledExceptionFilter
GetCurrentProcess
OpenFileMappingA
IsBadWritePtr
UnmapViewOfFile
DeleteCriticalSection
CreateThread
GetThreadPriority
VirtualQuery
SetErrorMode
InitializeCriticalSection
InterlockedIncrement
GetCurrentDirectoryW
LoadLibraryW
GetWindowsDirectoryA
SetEvent
CreateEventA
LockResource
SizeofResource
LoadResource
GetFileSize
FindResourceA
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
RemoveDirectoryA

user32

ShowCaret
CloseClipboard
TranslateMessage
DialogBoxIndirectParamA
RegisterWindowMessageA
DefWindowProcA
AdjustWindowRect
ShowWindow
EndDialog
GetDC
IsWindowEnabled
GetClipboardData
SetClipboardData
DispatchMessageA
EnumDisplaySettingsA
SetForegroundWindow
GetWindowTextA
IsIconic
GetWindowLongA
GetDlgItem
SetFocus
ChangeDisplaySettingsA
GetClientRect
GetWindowPlacement
SetWindowTextA
GetWindowRect
ScreenToClient
GetCursorPos
PostMessageA
EmptyClipboard
SetTimer
DestroyWindow
SetCaretPos
ReleaseDC
GetSystemMetrics
PeekMessageA
InvalidateRect
DefWindowProcW
CreateWindowExA
LoadIconA
CreateCursor
ReleaseCapture
WindowFromPoint
ClientToScreen
MoveWindow
EnumWindows
SystemParametersInfoA
MessageBoxW
SetWindowLongA
BeginPaint
EndPaint
OpenClipboard
RegisterClassA
DestroyCursor
SetCapture
SetActiveWindow
AdjustWindowRectEx
OffsetRect
GetWindowInfo
FillRect
DrawTextExA
GetSysColorBrush
DrawTextA
GetMessageA
IsDialogMessageA
GetFocus
GetSysColor
CreateWindowExW
GetDesktopWindow
IsWindow
PostThreadMessageA
HideCaret
CreateCaret
DestroyCaret
IsWindowVisible
SetCursor
MessageBoxA
SendMessageA
LoadCursorA
GetActiveWindow

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA

winmm

timeGetTime
timeBeginPeriod
mixerGetLineControlsA
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
timeEndPeriod
PlaySoundA
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose

wsock32

inet_ntoa
recv
WSACleanup
select
htons
WSAGetLastError
socket
gethostbyname
ioctlsocket
closesocket
send
WSAStartup
__WSAFDIsSet
connect

��

CreateCompatibleDC
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
IntersectClipRect
CreateSolidBrush
TextOutA
SetBkMode
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PVZ
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PVZ-eagrace支线V1.9.7/PvZ_Tools_v2.3.4.exe
.exe windows:6 windows x86 arch:x86

Code Sign

f7:f6:e6:cd:36:28:fa:98:bf:ce:b4:68:ae:e9:39:83
Certificate

Issuer

CN=GoGetSSL RSA Codesigning CA,O=GoGetSSL,L=Riga,C=LV

Not Before

19/08/2019, 00:00

Not After

18/08/2021, 23:59

Subject

CN=Shenzhen Bitmoe Information Technology Co.\, Ltd.,O=Shenzhen Bitmoe Information Technology Co.\, Ltd.,POSTALCODE=518054,STREET=Rm A603\, Building G\, Nanshan E Commerce Innovation Service Ba,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1a:6e:54:ff:9f:9c:e0:f8:ea:cb:e7:a0:ab:56:9d:32
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

06/09/2018, 00:00

Not After

05/09/2028, 23:59

Subject

CN=GoGetSSL RSA Codesigning CA,O=GoGetSSL,L=Riga,C=LV

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10
Signer

Actual PE Digest

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PVZ-eagrace支线V1.9.7/bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetName
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetTags
BASS_Update
_

Sections

Size: 85KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PVZ-eagrace支线V1.9.7/crash.txt
PVZ-eagrace支线V1.9.7/d3d8.dll
.dll windows:6 windows x86 arch:x86

db7205c854dcd8a9b1643433fb712f4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3d9

Direct3DCreate9

kernel32

GetProcAddress
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcess
LoadLibraryW
UnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime

user32

MessageBoxW
GetDC
ReleaseDC

gdi32

GetDeviceCaps

shell32

ShellExecuteW

msvcp140

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Xbad_alloc@std@@YAXXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
_Strxfrm
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
_Strcoll

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset
_CxxThrowException
__current_exception_context
memmove
memcpy
__CxxFrameHandler3
__std_exception_destroy
memchr
strchr
__std_terminate
__std_exception_copy
__current_exception

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_initterm
_seh_filter_dll
_initterm_e
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

ceil

Exports

Exports

Direct3DCreate8

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PVZ-eagrace支线V1.9.7/main.pak
PVZ-eagrace支线V1.9.7/properties/LawnStrings.txt
PVZ-eagrace支线V1.9.7/properties/partner.xml
PVZ-eagrace支线V1.9.7/properties/partner.xml.sig
PVZ-eagrace支线V1.9.7/properties/partner_logo.jpg
.jpg
PVZ-eagrace支线V1.9.7/properties/resources .xml
.xml
PVZ-eagrace支线V1.9.7/properties/resources.xml
.xml
PVZ-eagrace支线V1.9.7/你妈.dll
.dll windows:5 windows x86 arch:x86

b1ff75e2aa73308a56a49674396d01d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\URF Li\Documents\Visual Studio 2008\Projects\外挂汉化\Release\gdi42.pdb

Imports

kernel32

RtlUnwind
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
HeapFree
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
HeapAlloc
GetCommandLineA
GlobalFindAtomW
GetVersionExA
WritePrivateProfileStringW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
FileTimeToSystemTime
lstrlenA
CompareStringW
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
GetModuleHandleW
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GetModuleFileNameW
GetLastError
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
GetSystemTimeAsFileTime
LoadLibraryA

user32

DestroyMenu
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
CharUpperW
CopyRect
GetWindowRect
GetClassNameW
PtInRect
SetWindowPos
ShowWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
GetDlgItem
GetWindow
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetSysColorBrush
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
UnregisterClassW
UnhookWindowsHookEx
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetWindowLongW
GetParent
SendMessageW
GetWindowThreadProcessId
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetDC
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetSysColor
ReleaseDC

gdi32

DeleteDC
CreateBitmap
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
RectVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
CreateFontIndirectW
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
TextOutA
SetTextColor
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

CreateCompatibleDC
CreateDIBSection
CreateFontA
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
SelectObject
SetBkMode
SetTextColor
TextOutA

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PVZ-eagrace支线V1.9.7/没什么卵用的清除音效缓存脚本.bat
PVZ-eagrace支线V1.9.7/玩前必读!!!!!!!!!!!!!!!!!!.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

72b5f7140f032d0ab6c04972dad44354

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

winmm

wsock32

����

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 56KB - Virtual size: 787KB

.rsrc Size: 216KB - Virtual size: 215KB

PVZ Size: 320KB - Virtual size: 320KB

Code Sign

f7:f6:e6:cd:36:28:fa:98:bf:ce:b4:68:ae:e9:39:83Certificate

Extended Key Usages

Key Usages

1a:6e:54:ff:9f:9c:e0:f8:ea:cb:e7:a0:ab:56:9d:32Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 7.1MB

UPX1 Size: 4.4MB - Virtual size: 4.4MB

.rsrc Size: 111KB - Virtual size: 112KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 85KB - Virtual size: 244KB

.rsrc Size: 568B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 4KB - Virtual size: 3KB

db7205c854dcd8a9b1643433fb712f4e

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

kernel32

user32

gdi32

shell32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 1KB - Virtual size: 2KB

��

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 56KB - Virtual size: 787KB

.rsrc
Size: 216KB - Virtual size: 215KB

PVZ
Size: 320KB - Virtual size: 320KB

f7:f6:e6:cd:36:28:fa:98:bf:ce:b4:68:ae:e9:39:83
Certificate

1a:6e:54:ff:9f:9c:e0:f8:ea:cb:e7:a0:ab:56:9d:32
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10
Signer

UPX0
Size: - Virtual size: 7.1MB

UPX1
Size: 4.4MB - Virtual size: 4.4MB

.rsrc
Size: 111KB - Virtual size: 112KB

.rsrc
Size: 568B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 23KB

.shared
Size: 512B - Virtual size: 2B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 28KB - Virtual size: 27KB