mоdmenu gta5[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

mоdmenu gta5.rar
Size

115.4MB
MD5

93db904de83748576586ef417f3364c3
SHA1

e21f0307a6d675d4d48b166c95f40ecde2b0b450
SHA256

be755b146bb0167ce1c3ead0bc618d8c94c8fa37a2152db95bebc8f51bc8cbaf
SHA512

fb3c9d40b8677ee34be6d31fcae49311656543836975f0467e48d462e87fed7273a43a0ce195c69481f28ef609b00c2fa71445a28f9cf029e4fbc80437e55869
SSDEEP

3145728:cdzGpPhgkAHW8ALi5o8tQXIRUF7tcH3C81sSEd:kzGvgrWOoAQ4GttcXC8u3d

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/mоdmenu gta5/V2/modest-menu.exe	themida

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mоdmenu gta5/V2/modest-menu.exe
unpack001/mоdmenu gta5/scriрts/MailKit.dll

Files

mоdmenu gta5.rar
.rar

Password: 2024
mоdmenu gta5/Readme.txt
mоdmenu gta5/V2/config.json
mоdmenu gta5/V2/modest-menu.exe
.exe windows:6 windows x64 arch:x64

Password: 2024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 1019KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 76KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 25.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 15.4MB - Virtual size: 15.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
mоdmenu gta5/V2/scripts/Readme.api
mоdmenu gta5/V2/scripts/demo.lua
mоdmenu gta5/V2/scripts/menu.lua
mоdmenu gta5/V2/scripts/sirius.lua.example
mоdmenu gta5/V2/scripts/vehicle.lua
mоdmenu gta5/V2/scripts/weapon.lua
mоdmenu gta5/V2/themes.json
mоdmenu gta5/config.json
mоdmenu gta5/modest-menu.exe
.exe windows:5 windows x86 arch:x86

Password: 2024

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19/12/2023, 00:00

Not After

07/03/2027, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19/12/2023, 00:00

Not After

07/03/2027, 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:db:64:74:10:89:a3:26:78:7e:57:f1:c1:26:51:ca:3c:ac:ba:3f:cc:cb:42:6f:b6:a9:91:ed:31:59:a9:03
Signer

Actual PE Digest

dc:db:64:74:10:89:a3:26:78:7e:57:f1:c1:26:51:ca:3c:ac:ba:3f:cc:cb:42:6f:b6:a9:91:ed:31:59:a9:03

Digest Algorithm

sha256

PE Digest Matches

false

ee:5b:cf:b8:02:34:88:d9:1e:be:23:70:29:65:19:1e:42:a5:1a:4b
Signer

Actual PE Digest

ee:5b:cf:b8:02:34:88:d9:1e:be:23:70:29:65:19:1e:42:a5:1a:4b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/Cialis
$TEMP/Fun
$TEMP/Gorgeous
$TEMP/Learned
$TEMP/Merge
$TEMP/Ocean
$TEMP/Respect
$TEMP/Seeker
$TEMP/Speech
CdRaising/Direction
CdRaising/Periods
CdRaising/Vital
DisputeImpaired/Dealtime
HideRural/Also
HideRural/Charges
HideRural/Spectacular
mоdmenu gta5/scriрts/0cnkwaa9q5.txt
.js
mоdmenu gta5/scriрts/0dn0mq0w0b.txt
.js
mоdmenu gta5/scriрts/0dtyyww8nd.txt
.js
mоdmenu gta5/scriрts/0ebo92q6y6.txt
.js
mоdmenu gta5/scriрts/0fbgb0t96l.txt
.js
mоdmenu gta5/scriрts/0gha3a1obr.txt
.js
mоdmenu gta5/scriрts/0h5rxtglhd.txt
.js
mоdmenu gta5/scriрts/BL.dat
mоdmenu gta5/scriрts/MailKit.dll
.dll windows:4 windows x86 arch:x86

Password: 2024

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\src\MailKit\MailKit\obj\Release\net48\MailKit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 835KB - Virtual size: 834KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mоdmenu gta5/scriрts/Readme.api
mоdmenu gta5/scriрts/fastboot.vdi
mоdmenu gta5/scriрts/freebl3.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

96ef0c6648b0605b9be40bfaffeed830

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/04/2021, 00:00

Not After

19/06/2024, 23:59

Subject

CN=Mozilla Corporation,OU=Firefox Engineering Operations,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:fe:08:bb:49:75:25:a1:2a:18:fc:8d:39:1b:4e:3b:15:8f:42:52:ed:a5:fb:ad:cf:a5:ee:83:bf:c4:fc:87
Signer

Actual PE Digest

6d:fe:08:bb:49:75:25:a1:2a:18:fc:8d:39:1b:4e:3b:15:8f:42:52:ed:a5:fb:ad:cf:a5:ee:83:bf:c4:fc:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

freebl3.pdb

Imports

nss3

NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SecureSelect
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_SetError_Util
PORT_ZAllocAlignedOffset_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
PR_CallOnce
PR_DestroyCondVar
PR_DestroyLock
PR_GetEnvSecure
PR_Lock
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Unlock
PR_WaitCondVar
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_FreeItem_Util
SECITEM_ZfreeItem_Util
SECOID_FindOIDTag_Util

advapi32

SystemFunction036

kernel32

DisableThreadLibraryCalls
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetLogicalDrives
GetSystemTimeAsFileTime
GetTickCount
GetVolumeInformationA
GlobalMemoryStatus
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcmp
memcpy
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

_strdup
strlen

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll
abort
exit

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 695KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.voltbl
Size: 512B - Virtual size: 15B

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mоdmenu gta5/scriрts/remote_settings.ini
mоdmenu gta5/scriрts/sirius.lua.example

Sharing

General

Malware Config

Signatures

Files

Password: 2024

Password: 2024

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1019KB - Virtual size: 2.0MB

Size: 76KB - Virtual size: 178KB

Size: 512B - Virtual size: 17KB

Size: 23KB - Virtual size: 34KB

Size: 1KB - Virtual size: 8KB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 34KB - Virtual size: 34KB

.themida Size: - Virtual size: 25.0MB

.boot Size: 15.4MB - Virtual size: 15.4MB

Password: 2024

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

dc:db:64:74:10:89:a3:26:78:7e:57:f1:c1:26:51:ca:3c:ac:ba:3f:cc:cb:42:6f:b6:a9:91:ed:31:59:a9:03Signer

ee:5b:cf:b8:02:34:88:d9:1e:be:23:70:29:65:19:1e:42:a5:1a:4bSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 452KB

.ndata Size: - Virtual size: 516KB

.rsrc Size: 45KB - Virtual size: 45KB

Password: 2024

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 34KB - Virtual size: 34KB

.themida
Size: - Virtual size: 25.0MB

.boot
Size: 15.4MB - Virtual size: 15.4MB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

dc:db:64:74:10:89:a3:26:78:7e:57:f1:c1:26:51:ca:3c:ac:ba:3f:cc:cb:42:6f:b6:a9:91:ed:31:59:a9:03
Signer

ee:5b:cf:b8:02:34:88:d9:1e:be:23:70:29:65:19:1e:42:a5:1a:4b
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 452KB

.ndata
Size: - Virtual size: 516KB

.rsrc
Size: 45KB - Virtual size: 45KB

.text
Size: 835KB - Virtual size: 834KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:1c:d3:ee:a4:7e:dd:a7:a0:32:57:3b:01:4d:0a:fd
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

6d:fe:08:bb:49:75:25:a1:2a:18:fc:8d:39:1b:4e:3b:15:8f:42:52:ed:a5:fb:ad:cf:a5:ee:83:bf:c4:fc:87
Signer

.text
Size: 695KB - Virtual size: 695KB

.rdata
Size: 175KB - Virtual size: 175KB

.data
Size: 512B - Virtual size: 18KB

.pdata
Size: 7KB - Virtual size: 6KB

.00cfg
Size: 512B - Virtual size: 40B

.voltbl
Size: 512B - Virtual size: 15B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1KB - Virtual size: 1KB