Mafia-Definitive-Edition-ScriptHook-Installer_r96[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Mafia-Definitive-Edition-ScriptHook-Installer_r96.exe
Size

15.8MB
MD5

f00b5ecd55cc37ad2d6cd19a3cf7e20a
SHA1

236f357a15d6313df7ad51cd5fa266bee2406b8a
SHA256

e48b98ccb959d8485e3dfbafdcddd488352040de4e4cc623d036310c94603724
SHA512

cca50c6f2c2568a4f663bca63746bde575b404a91600d258a8a0122649afc90c24e97e328cc5670644ab958889b28a4a20af5a18243f33b7397db2a7481f98ea
SSDEEP

393216:kM7tpq6qnehxC41BrN5hMYrsgVlZmbeuGxIoVCowdjsrZ0HTbRXS44Bey:k8TwehQ+BrNPtPSaWmVQjsobRSuy

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsDialogs.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

Mafia-Definitive-Edition-ScriptHook-Installer_r96.exe
.exe windows:4 windows x86 arch:x86

Password: mafia

7c2c71dfce9a27650634dc8b1ca03bf0

Code Sign

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/04/2021, 00:00

Not After

11/04/2022, 23:59

Subject

CN=Jan Schmitter,O=Jan Schmitter,L=Bedburg,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:b7:4a:e7:54:45:f4:0a:c6:10:e8:32:2f:f1:35:1b:4f:57:2c:11
Signer

Actual PE Digest

f9:b7:4a:e7:54:45:f4:0a:c6:10:e8:32:2f:f1:35:1b:4f:57:2c:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetFileAttributesA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileTime
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
MulDiv
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

GetSystemMenu
SetClassLongA
EnableMenuItem
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ScreenToClient
GetWindowRect
GetDlgItem
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
LoadImageA
CreateDialogParamA
SetTimer
SetWindowTextA
SetForegroundWindow
ShowWindow
SetWindowLongA
SendMessageTimeoutA
FindWindowExA
IsWindow
AppendMenuA
TrackPopupMenu
CreatePopupMenu
DrawTextA
EndPaint
DestroyWindow
wsprintfA
PostQuitMessage

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

Password: mafia

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

Password: mafia

cce05dea98cbac3a9d486b233588f528

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentProcess
GlobalAlloc
GetCurrentThread
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynA

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

Password: mafia

ebc2d915841be8afc8fa1ee9f6850960

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcpyA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
lstrcmpiA
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
SetCurrentDirectoryA
HeapAlloc

user32

DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
GetPropA
CharPrevA
DrawFocusRect
GetWindowLongA
DrawTextA
GetClientRect
SetWindowLongA
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamA
MapDialogRect
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
CharNextA
SendMessageA
MapWindowPoints
RemovePropA
GetWindowTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHook/LICENSE
ScriptHook/core.dll
.dll windows:6 windows x64 arch:x64

Password: mafia

919f38e9ae25fe1b5ca3f406e27305c8

Code Sign

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/04/2021, 00:00

Not After

11/04/2022, 23:59

Subject

CN=Jan Schmitter,O=Jan Schmitter,L=Bedburg,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:ba:5e:5e:d4:5a:b9:39:05:22:23:3b:a4:c4:0f:5c:bb:09:13:af
Signer

Actual PE Digest

52:ba:5e:5e:d4:5a:b9:39:05:22:23:3b:a4:c4:0f:5c:bb:09:13:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\runners\mplus\actions-runner\_work\MPlus\MPlus\NomadFX\bin\Win64\Shipping\projects\mplus\core.pdb

Imports

shlwapi

PathCanonicalizeA
PathCanonicalizeW

winhttp

WinHttpConnect
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl
WinHttpReceiveResponse
WinHttpSendRequest

dbghelp

SymInitialize
SymFromAddr
SymSetOptions
SymGetOptions

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

recv
send
socket
WSAGetLastError
__WSAFDIsSet
select
WSASetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSAIoctl
WSACleanup
ntohl
accept
htonl
listen
ioctlsocket
getaddrinfo
freeaddrinfo
inet_pton
WSAStartup
closesocket

crypt32

CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore

kernel32

InitializeSListHead
GetWindowsDirectoryW
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
Thread32Next
GetVersionExA
ResumeThread
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
ResetEvent
SuspendThread
GetCurrentDirectoryA
RtlCaptureContext
AreFileApisANSI
HeapCreate
HeapFree
GetCurrentDirectoryW
GetFileInformationByHandle
Thread32First
ExitProcess
GetModuleHandleW
GetModuleHandleA
VirtualProtect
LoadLibraryA
GetProcAddress
GetLastError
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleTitleA
GetStdHandle
OutputDebugStringA
AttachConsole
GetCurrentProcessId
GetConsoleWindow
AllocConsole
GetModuleFileNameA
GetModuleFileNameW
lstrcatW
lstrcpyW
GetSystemInfo
GetSystemTime
SystemTimeToFileTime
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitOnceExecuteOnce
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
VirtualQuery
FreeLibrary
LoadLibraryExW
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
RemoveDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
GetCurrentProcess
GetCurrentThread
CreateFileW
GetFileAttributesW
LockFileEx
SetEndOfFile
UnlockFileEx
GetFileType
RaiseException
SetUnhandledExceptionFilter
SetEvent
WaitForSingleObject
SleepEx
CreateEventW
Sleep
TerminateProcess
CreateThread
GetCurrentThreadId
CreateProcessW
FlushInstructionCache
OpenProcess
GetVersion
DeleteCriticalSection
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableCS
GetThreadId
OutputDebugStringW
GetLocalTime
FormatMessageW
GetFileSizeEx
ReadFile
SetFilePointerEx
WriteFile
FindFirstFileExW
GetFileTime
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
LoadLibraryW
FormatMessageA
ReadProcessMemory
SetLastError
SetNamedPipeHandleState
TransactNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetSystemTimeAsFileTime
LocalFree
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetTickCount
InitializeCriticalSectionEx
GetSystemDirectoryA
MoveFileExA
GetEnvironmentVariableA
VerSetConditionMask
VerifyVersionInfoW
WaitForSingleObjectEx
VerifyVersionInfoA
CreateFileA
FlushFileBuffers
MapViewOfFile
CreateFileMappingW
GetProcessHeap
GetFileSize
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
HeapReAlloc
DeleteFileA
FlushViewOfFile
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
CreateMutexW
GetTempPathW
GetFullPathNameA
SetFilePointer
LockFile
GetDiskFreeSpaceW
GetFullPathNameW
GetThreadContext

user32

SetWindowLongPtrW
MessageBoxA
ShowCursor
GetWindowLongPtrW
CallWindowProcW
LoadBitmapA
DefWindowProcW
GetUpdateRect
SetCursor
PostQuitMessage
UpdateLayeredWindow
PostMessageA
ClientToScreen
TrackMouseEvent
RegisterRawInputDevices
ClipCursor
SetCapture
ReleaseCapture
LoadImageW
GetRawInputData
MapVirtualKeyW
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
GetWindowLongW
GetMessageW
PostMessageW
GetWindowRect
DestroyWindow
SetWindowPos
CreateWindowExW
SendMessageW
GetSystemMetrics
UnregisterClassW
SetWindowTextW
RegisterClassExW
IsWindow
DispatchMessageW
SetTimer
PeekMessageW
AdjustWindowRect
SetLayeredWindowAttributes
TranslateMessage
LoadCursorW
SetWindowLongW
GetClientRect
IsZoomed
KillTimer
GetDesktopWindow
InvalidateRect
GetWindowTextW
ScreenToClient
ToUnicode
GetCursorPos
MessageBoxW
ShowWindow
SetWindowTextA
GetClassInfoW

gdi32

GetStockObject

advapi32

BuildSecurityDescriptorW
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
GetUserNameA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
BuildExplicitAccessWithNameW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SystemFunction036
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom

shell32

ShellExecuteA
ShellExecuteW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid

oleaut32

VariantClear

msvcp140

?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
_Strxfrm
_Strcoll
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_XGetLastError@std@@YAXXZ
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
_Cnd_unregister_at_thread_exit
_Cnd_register_at_thread_exit
_Cnd_broadcast
_Cnd_timedwait
_Mtx_current_owns
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Xout_of_range@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1_Locinfo@std@@QEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
?_Xbad_function_call@std@@YAXXZ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
?_Xinvalid_argument@std@@YAXPEBD@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Query_perf_frequency
_Query_perf_counter
_Cnd_signal
_Cnd_init_in_situ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_sleep
_Cnd_wait
_Thrd_id
_Xtime_get_ticks
_Thrd_join
_Cnd_destroy_in_situ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?id@?$numpunct@D@std@@2V0locale@2@A
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z

dwmapi

DwmGetWindowAttribute

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
_purecall
__std_terminate
memcpy
memmove
memset
memcmp
strchr
strrchr
_CxxThrowException
__intrinsic_setjmp
strstr
__C_specific_handler
memchr
__std_type_info_destroy_list
__current_exception_context
__current_exception
longjmp
__CxxFrameHandler3
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
calloc
free
_msize
malloc

api-ms-win-crt-runtime-l1-1-0

strerror_s
_errno
_initialize_narrow_environment
_beginthreadex
terminate
_initterm_e
_invalid_parameter_noinfo_noreturn
_initterm
abort
signal
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_endthreadex
exit
__sys_nerr
strerror
set_terminate

api-ms-win-crt-stdio-l1-1-0

fgets
fseek
fopen
_get_stream_buffer_pointers
getc
_wfopen
fopen_s
feof
fgetc
freopen_s
_fseeki64
fread
_wopen
__stdio_common_vsprintf_s
puts
fwrite
fgetpos
fputs
setvbuf
__stdio_common_vsnprintf_s
ungetc
fsetpos
_close
__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func
ftell
ferror
_locking
__stdio_common_vsscanf
fclose
__stdio_common_vsprintf_p
fflush
fputc

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_wfullpath
_stat64
_access
_wstat64
_splitpath_s
_wstat64i32
_mkdir
_wsplitpath_s
_lock_file
_unlink

api-ms-win-crt-convert-l1-1-0

_strtod_l
strtol
strtoul
strtod
strtoll
strtoull
strtof
wcstombs

api-ms-win-crt-math-l1-1-0

_dsign
fmax
sqrtf
_ldsign
_fdclass
roundf
_dclass
_fdsign
ceilf
cosf
floorf
ldexp
pow
sinf
_ldclass

api-ms-win-crt-string-l1-1-0

isalpha
_wcsdup
_wcsicmp
toupper
strcmp
tolower
_wcsnicmp
_strdup
strncpy_s
strncmp
_memccpy
isprint
isupper
strncpy
strcpy_s
strcat_s
strspn
strcspn
strpbrk

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func
_create_locale

api-ms-win-crt-environment-l1-1-0

getenv
_wgetenv

api-ms-win-crt-time-l1-1-0

_mkgmtime64
_gmtime64
_time64
_localtime64_s
strftime

api-ms-win-crt-utility-l1-1-0

rand_s
qsort

Exports

Exports

Init
PreInit
PreInit_DInput

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 430KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHook/crashpad_handler.exe
.exe windows:6 windows x64 arch:x64

Password: mafia

c0f7d05b08083213cedabea23a7b898d

Code Sign

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/04/2021, 00:00

Not After

11/04/2022, 23:59

Subject

CN=Jan Schmitter,O=Jan Schmitter,L=Bedburg,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:a8:da:b3:d2:d2:25:9d:5a:e2:f0:05:ac:0d:f4:86:c4:cd:7d:e1
Signer

Actual PE Digest

25:a8:da:b3:d2:d2:25:9d:5a:e2:f0:05:ac:0d:f4:86:c4:cd:7d:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

powrprof

CallNtPowerInformation

user32

SetWindowLongPtrW
GetWindowLongPtrW
DestroyWindow
CreateWindowExW
UnregisterClassW
DefWindowProcW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RegisterClassW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpWriteData
WinHttpOpenRequest
WinHttpSetTimeouts
WinHttpCrackUrl
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
RevertToSelf
ImpersonateNamedPipeClient
SystemFunction036

kernel32

CreateProcessW
Sleep
SleepEx
GetFileAttributesW
DeleteFileW
FindFirstFileExW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
InitOnceExecuteOnce
DeleteCriticalSection
FindNextFileW
GetFileTime
RemoveDirectoryW
InitializeCriticalSection
CreateDirectoryW
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
SetProcessShutdownParameters
SetConsoleCtrlHandler
GetProcessTimes
SuspendThread
ResumeThread
GetProcessId
GetThreadContext
Wow64GetThreadContext
IsProcessorFeaturePresent
GetSystemInfo
GetVersionExW
GetTimeZoneInformation
GetThreadLocale
GetSystemDefaultLCID
GetUserDefaultLCID
GetModuleFileNameW
DuplicateHandle
GetLastError
ConnectNamedPipe
DisconnectNamedPipe
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
SetEvent
WaitForSingleObject
CreateEventW
GetCurrentProcess
TerminateProcess
CreateThread
OpenProcess
UnregisterWaitEx
RegisterWaitForSingleObject
GetFileInformationByHandleEx
SetLastError
IsWow64Process
GetModuleHandleW
FormatMessageA
VirtualQueryEx
ReadProcessMemory
FindClose
CloseHandle
GetProcAddress
LoadLibraryW
CreateFileW
SetNamedPipeHandleState
TransactNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetVersion
ReleaseSemaphore
CreateSemaphoreW
GetStdHandle
GetFileType
LockFileEx
ReadFile
SetEndOfFile
SetFilePointerEx
UnlockFileEx
WriteFile
LocalFree
OutputDebugStringW
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xlength_error@std@@YAXPEBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?_Xout_of_range@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?_Xbad_alloc@std@@YAXXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcmp
__current_exception_context
__current_exception
__std_terminate
__C_specific_handler
strchr
_purecall
memset
memmove
memcpy
memchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_cexit
signal
_initialize_wide_environment
_invalid_parameter_noinfo_noreturn
terminate
_configure_wide_argv
_c_exit
__p___argc
_set_app_type
_seh_filter_exe
_invoke_watson
exit
_register_thread_local_exe_atexit_callback
_initterm_e
abort
_initterm
__p___wargv
_crt_atexit
_errno
_get_wide_winmain_command_line
_exit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
fflush
__p__commode
__stdio_common_vsprintf
_set_fmode
__stdio_common_vsprintf_p
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

tolower
wcsnlen
wcsncmp
strnlen
strncmp
_wcsicmp
isspace

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

malloc
_aligned_free
free
_aligned_malloc
_callnewh
_set_new_mode

api-ms-win-crt-convert-l1-1-0

strtoul
strtoull

api-ms-win-crt-math-l1-1-0

__setusermatherr
_dclass

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

_wstat64

api-ms-win-crt-environment-l1-1-0

getenv

Sections

.text
Size: 394KB - Virtual size: 394KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHook/data/LICENSE
ScriptHook/data/discord_game_sdk.dll
.dll windows:6 windows x64 arch:x64

Password: mafia

e2e8552d3acf24f9596a702c655d73d8

Code Sign

02:8a:a6:e7:b5:16:c0:d1:55:f1:5d:62:90:a4:30:e3
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/03/2018, 00:00

Not After

31/03/2021, 12:00

Subject

SERIALNUMBER=5128862,CN=Discord Inc.,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:64:b0:ac:d8:16:1d:e5:87:74:8b:bc:b7:69:1b:a6:ef:fe:9d:d6
Signer

Actual PE Digest

1b:64:b0:ac:d8:16:1d:e5:87:74:8b:bc:b7:69:1b:a6:ef:fe:9d:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\b\tyrande-1\discord\discord-game-sdk\target\x86_64-pc-windows-msvc\release\deps\discord_game_sdk.pdb

Imports

ws2_32

closesocket
sendto
getaddrinfo
WSAStartup
freeaddrinfo
WSACleanup
WSASocketW
ioctlsocket
recv
bind
WSAGetLastError

kernel32

LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetModuleHandleExW
LoadLibraryExW
TlsFree
InitializeCriticalSectionAndSpinCount
EncodePointer
LoadLibraryW
GetLastError
GetProcAddress
FreeLibrary
GetModuleFileNameW
SetErrorMode
SetThreadErrorMode
lstrlenW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetFileInformationByHandle
CancelIoEx
WriteFile
ReadFile
GetOverlappedResult
FlushFileBuffers
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
SetHandleInformation
GetSystemInfo
RtlVirtualUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThread
RtlCaptureContext
LoadLibraryA
DeleteCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
FindClose
SwitchToThread
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetTempPathW
GetCommandLineW
SetFilePointerEx
InitializeCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcessId
GetProcessHeap
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
HeapReAlloc
GetModuleHandleW
GetStdHandle
FindNextFileW
CreateFileW
DeviceIoControl
CreateDirectoryW
FindFirstFileW
DeleteFileW
FormatMessageW
ExitProcess
CreateThread
GetConsoleMode
WriteConsoleW
ReleaseMutex
WaitForSingleObjectEx
CreateMutexA
InterlockedFlushSList
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
GetConsoleCP
GetCurrentProcess
HeapFree
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
InitializeSListHead
GetCurrentThreadId

advapi32

SystemFunction036
RegCloseKey
RegCreateKeyTransactedW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

ktmw32

CommitTransaction
CreateTransaction

ole32

CoTaskMemFree

shell32

ShellExecuteExW
SHGetKnownFolderPath

Exports

Exports

DiscordCreate
DiscordVersion
rust_eh_personality

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 851KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHook/data/lua/extensions/commandArgumentType.lua
ScriptHook/data/lua/extensions/d3d.lua
.js
ScriptHook/data/lua/extensions/string.lua
ScriptHook/data/lua/extensions/table.lua
.js
ScriptHook/data/lua/extensions/threads.lua
.js
ScriptHook/data/lua/game/PlayerModelIDs.lua
ScriptHook/data/lua/game/TeleportSpots.lua
ScriptHook/data/lua/game/VehicleModelIDs.lua
ScriptHook/data/lua/game/WeaponIDs.lua
ScriptHook/data/lua/game/WeatherIDs.lua
ScriptHook/data/lua/main.lua
ScriptHook/data/lua/modules/util.lua
.js
ScriptHook/data/ref_epic_1.0.0.nmd
ScriptHook/data/ref_epic_1.1.0.nmd
ScriptHook/data/ref_epic_1.2.0.nmd
ScriptHook/data/ref_epic_1.3.0.nmd
ScriptHook/data/ref_steam_1.0.0.nmd
ScriptHook/data/ref_steam_1.1.0.nmd
ScriptHook/data/ref_steam_1.2.0.nmd
ScriptHook/data/ref_steam_1.3.0.nmd
ScriptHook/data/scripts/trainer/LICENSE
ScriptHook/data/scripts/trainer/README.md
ScriptHook/data/scripts/trainer/main.lua
ScriptHook/data/scripts/trainer/manifest.json
ScriptHook/data/scripts/trainer/menu/Environment.lua
ScriptHook/data/scripts/trainer/menu/HUD.lua
ScriptHook/data/scripts/trainer/menu/Player.lua
ScriptHook/data/scripts/trainer/menu/Police.lua
ScriptHook/data/scripts/trainer/menu/Teleport.lua
ScriptHook/data/scripts/trainer/menu/Vehicle.lua
ScriptHook/data/scripts/trainer/menu/Weapons.lua
ScriptHook/data/scripts/trainer/menu/menu.lua
ScriptHook/data/scripts/trainer/settings/noclip.lua
ScriptHook/data/scripts/trainer/webui.lua
ScriptHook/data/steam_api64.dll
.dll windows:5 windows x64 arch:x64

Password: mafia

289b2254a2c1e14995dd9995d1686fdb

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/10/2018, 00:00

Not After

07/10/2021, 12:00

Subject

CN=Valve,O=Valve,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a5:d3:b9:84:07:45:9d:93:c1:d9:e5:cb:28:cd:9a:ba:21:a4:d6:29
Signer

Actual PE Digest

a5:d3:b9:84:07:45:9d:93:c1:d9:e5:cb:28:cd:9a:ba:21:a4:d6:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\steam_rel_client_win64\build\src\steam_api\win64\Release\steam_api64.pdb

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
OpenProcess
GetExitCodeProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetCommandLineW
GetEnvironmentVariableA
SetEnvironmentVariableA
OutputDebugStringA
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FreeLibrary
CloseHandle
GetProcAddress
SetEndOfFile
ReadConsoleW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CreateFileW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
ReadFile

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_ISteamAppList_GetAppBuildId
SteamAPI_ISteamAppList_GetAppInstallDir
SteamAPI_ISteamAppList_GetAppName
SteamAPI_ISteamAppList_GetInstalledApps
SteamAPI_ISteamAppList_GetNumInstalledApps
SteamAPI_ISteamApps_BGetDLCDataByIndex
SteamAPI_ISteamApps_BIsAppInstalled
SteamAPI_ISteamApps_BIsCybercafe
SteamAPI_ISteamApps_BIsDlcInstalled
SteamAPI_ISteamApps_BIsLowViolence
SteamAPI_ISteamApps_BIsSubscribed
SteamAPI_ISteamApps_BIsSubscribedApp
SteamAPI_ISteamApps_BIsSubscribedFromFamilySharing
SteamAPI_ISteamApps_BIsSubscribedFromFreeWeekend
SteamAPI_ISteamApps_BIsVACBanned
SteamAPI_ISteamApps_GetAppBuildId
SteamAPI_ISteamApps_GetAppInstallDir
SteamAPI_ISteamApps_GetAppOwner
SteamAPI_ISteamApps_GetAvailableGameLanguages
SteamAPI_ISteamApps_GetCurrentBetaName
SteamAPI_ISteamApps_GetCurrentGameLanguage
SteamAPI_ISteamApps_GetDLCCount
SteamAPI_ISteamApps_GetDlcDownloadProgress
SteamAPI_ISteamApps_GetEarliestPurchaseUnixTime
SteamAPI_ISteamApps_GetFileDetails
SteamAPI_ISteamApps_GetInstalledDepots
SteamAPI_ISteamApps_GetLaunchCommandLine
SteamAPI_ISteamApps_GetLaunchQueryParam
SteamAPI_ISteamApps_InstallDLC
SteamAPI_ISteamApps_MarkContentCorrupt
SteamAPI_ISteamApps_RequestAllProofOfPurchaseKeys
SteamAPI_ISteamApps_RequestAppProofOfPurchaseKey
SteamAPI_ISteamApps_UninstallDLC
SteamAPI_ISteamClient_BReleaseSteamPipe
SteamAPI_ISteamClient_BShutdownIfAllPipesClosed
SteamAPI_ISteamClient_ConnectToGlobalUser
SteamAPI_ISteamClient_CreateLocalUser
SteamAPI_ISteamClient_CreateSteamPipe
SteamAPI_ISteamClient_GetIPCCallCount
SteamAPI_ISteamClient_GetISteamAppList
SteamAPI_ISteamClient_GetISteamApps
SteamAPI_ISteamClient_GetISteamController
SteamAPI_ISteamClient_GetISteamFriends
SteamAPI_ISteamClient_GetISteamGameSearch
SteamAPI_ISteamClient_GetISteamGameServer
SteamAPI_ISteamClient_GetISteamGameServerStats
SteamAPI_ISteamClient_GetISteamGenericInterface
SteamAPI_ISteamClient_GetISteamHTMLSurface
SteamAPI_ISteamClient_GetISteamHTTP
SteamAPI_ISteamClient_GetISteamInput
SteamAPI_ISteamClient_GetISteamInventory
SteamAPI_ISteamClient_GetISteamMatchmaking
SteamAPI_ISteamClient_GetISteamMatchmakingServers
SteamAPI_ISteamClient_GetISteamMusic
SteamAPI_ISteamClient_GetISteamMusicRemote
SteamAPI_ISteamClient_GetISteamNetworking
SteamAPI_ISteamClient_GetISteamParentalSettings
SteamAPI_ISteamClient_GetISteamParties
SteamAPI_ISteamClient_GetISteamRemotePlay
SteamAPI_ISteamClient_GetISteamRemoteStorage
SteamAPI_ISteamClient_GetISteamScreenshots
SteamAPI_ISteamClient_GetISteamUGC
SteamAPI_ISteamClient_GetISteamUser
SteamAPI_ISteamClient_GetISteamUserStats
SteamAPI_ISteamClient_GetISteamUtils
SteamAPI_ISteamClient_GetISteamVideo
SteamAPI_ISteamClient_ReleaseUser
SteamAPI_ISteamClient_SetLocalIPBinding
SteamAPI_ISteamClient_SetWarningMessageHook
SteamAPI_ISteamController_ActivateActionSet
SteamAPI_ISteamController_ActivateActionSetLayer
SteamAPI_ISteamController_DeactivateActionSetLayer
SteamAPI_ISteamController_DeactivateAllActionSetLayers
SteamAPI_ISteamController_GetActionOriginFromXboxOrigin
SteamAPI_ISteamController_GetActionSetHandle
SteamAPI_ISteamController_GetActiveActionSetLayers
SteamAPI_ISteamController_GetAnalogActionData
SteamAPI_ISteamController_GetAnalogActionHandle
SteamAPI_ISteamController_GetAnalogActionOrigins
SteamAPI_ISteamController_GetConnectedControllers
SteamAPI_ISteamController_GetControllerBindingRevision
SteamAPI_ISteamController_GetControllerForGamepadIndex
SteamAPI_ISteamController_GetCurrentActionSet
SteamAPI_ISteamController_GetDigitalActionData
SteamAPI_ISteamController_GetDigitalActionHandle
SteamAPI_ISteamController_GetDigitalActionOrigins
SteamAPI_ISteamController_GetGamepadIndexForController
SteamAPI_ISteamController_GetGlyphForActionOrigin
SteamAPI_ISteamController_GetGlyphForXboxOrigin
SteamAPI_ISteamController_GetInputTypeForHandle
SteamAPI_ISteamController_GetMotionData
SteamAPI_ISteamController_GetStringForActionOrigin
SteamAPI_ISteamController_GetStringForXboxOrigin
SteamAPI_ISteamController_Init
SteamAPI_ISteamController_RunFrame
SteamAPI_ISteamController_SetLEDColor
SteamAPI_ISteamController_ShowBindingPanel
SteamAPI_ISteamController_Shutdown
SteamAPI_ISteamController_StopAnalogActionMomentum
SteamAPI_ISteamController_TranslateActionOrigin
SteamAPI_ISteamController_TriggerHapticPulse
SteamAPI_ISteamController_TriggerRepeatedHapticPulse
SteamAPI_ISteamController_TriggerVibration
SteamAPI_ISteamFriends_ActivateGameOverlay
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayRemotePlayTogetherInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayToStore
SteamAPI_ISteamFriends_ActivateGameOverlayToUser
SteamAPI_ISteamFriends_ActivateGameOverlayToWebPage
SteamAPI_ISteamFriends_ClearRichPresence
SteamAPI_ISteamFriends_CloseClanChatWindowInSteam
SteamAPI_ISteamFriends_DownloadClanActivityCounts
SteamAPI_ISteamFriends_EnumerateFollowingList
SteamAPI_ISteamFriends_GetChatMemberByIndex
SteamAPI_ISteamFriends_GetClanActivityCounts
SteamAPI_ISteamFriends_GetClanByIndex
SteamAPI_ISteamFriends_GetClanChatMemberCount
SteamAPI_ISteamFriends_GetClanChatMessage
SteamAPI_ISteamFriends_GetClanCount
SteamAPI_ISteamFriends_GetClanName
SteamAPI_ISteamFriends_GetClanOfficerByIndex
SteamAPI_ISteamFriends_GetClanOfficerCount
SteamAPI_ISteamFriends_GetClanOwner
SteamAPI_ISteamFriends_GetClanTag
SteamAPI_ISteamFriends_GetCoplayFriend
SteamAPI_ISteamFriends_GetCoplayFriendCount
SteamAPI_ISteamFriends_GetFollowerCount
SteamAPI_ISteamFriends_GetFriendByIndex
SteamAPI_ISteamFriends_GetFriendCoplayGame
SteamAPI_ISteamFriends_GetFriendCoplayTime
SteamAPI_ISteamFriends_GetFriendCount
SteamAPI_ISteamFriends_GetFriendCountFromSource
SteamAPI_ISteamFriends_GetFriendFromSourceByIndex
SteamAPI_ISteamFriends_GetFriendGamePlayed
SteamAPI_ISteamFriends_GetFriendMessage
SteamAPI_ISteamFriends_GetFriendPersonaName
SteamAPI_ISteamFriends_GetFriendPersonaNameHistory
SteamAPI_ISteamFriends_GetFriendPersonaState
SteamAPI_ISteamFriends_GetFriendRelationship
SteamAPI_ISteamFriends_GetFriendRichPresence
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyByIndex
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyCount
SteamAPI_ISteamFriends_GetFriendSteamLevel
SteamAPI_ISteamFriends_GetFriendsGroupCount
SteamAPI_ISteamFriends_GetFriendsGroupIDByIndex
SteamAPI_ISteamFriends_GetFriendsGroupMembersCount
SteamAPI_ISteamFriends_GetFriendsGroupMembersList
SteamAPI_ISteamFriends_GetFriendsGroupName
SteamAPI_ISteamFriends_GetLargeFriendAvatar
SteamAPI_ISteamFriends_GetMediumFriendAvatar
SteamAPI_ISteamFriends_GetNumChatsWithUnreadPriorityMessages
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_ISteamFriends_GetPersonaState
SteamAPI_ISteamFriends_GetPlayerNickname
SteamAPI_ISteamFriends_GetSmallFriendAvatar
SteamAPI_ISteamFriends_GetUserRestrictions
SteamAPI_ISteamFriends_HasFriend
SteamAPI_ISteamFriends_InviteUserToGame
SteamAPI_ISteamFriends_IsClanChatAdmin
SteamAPI_ISteamFriends_IsClanChatWindowOpenInSteam
SteamAPI_ISteamFriends_IsClanOfficialGameGroup
SteamAPI_ISteamFriends_IsClanPublic
SteamAPI_ISteamFriends_IsFollowing
SteamAPI_ISteamFriends_IsUserInSource
SteamAPI_ISteamFriends_JoinClanChatRoom
SteamAPI_ISteamFriends_LeaveClanChatRoom
SteamAPI_ISteamFriends_OpenClanChatWindowInSteam
SteamAPI_ISteamFriends_ReplyToFriendMessage
SteamAPI_ISteamFriends_RequestClanOfficerList
SteamAPI_ISteamFriends_RequestFriendRichPresence
SteamAPI_ISteamFriends_RequestUserInformation
SteamAPI_ISteamFriends_SendClanChatMessage
SteamAPI_ISteamFriends_SetInGameVoiceSpeaking
SteamAPI_ISteamFriends_SetListenForFriendsMessages
SteamAPI_ISteamFriends_SetPersonaName
SteamAPI_ISteamFriends_SetPlayedWith
SteamAPI_ISteamFriends_SetRichPresence
SteamAPI_ISteamGameSearch_AcceptGame
SteamAPI_ISteamGameSearch_AddGameSearchParams
SteamAPI_ISteamGameSearch_CancelRequestPlayersForGame
SteamAPI_ISteamGameSearch_DeclineGame
SteamAPI_ISteamGameSearch_EndGame
SteamAPI_ISteamGameSearch_EndGameSearch
SteamAPI_ISteamGameSearch_HostConfirmGameStart
SteamAPI_ISteamGameSearch_RequestPlayersForGame
SteamAPI_ISteamGameSearch_RetrieveConnectionDetails
SteamAPI_ISteamGameSearch_SearchForGameSolo
SteamAPI_ISteamGameSearch_SearchForGameWithLobby
SteamAPI_ISteamGameSearch_SetConnectionDetails
SteamAPI_ISteamGameSearch_SetGameHostParams
SteamAPI_ISteamGameSearch_SubmitPlayerResult
SteamAPI_ISteamGameServerStats_ClearUserAchievement
SteamAPI_ISteamGameServerStats_GetUserAchievement
SteamAPI_ISteamGameServerStats_GetUserStatFloat
SteamAPI_ISteamGameServerStats_GetUserStatInt32
SteamAPI_ISteamGameServerStats_RequestUserStats
SteamAPI_ISteamGameServerStats_SetUserAchievement
SteamAPI_ISteamGameServerStats_SetUserStatFloat
SteamAPI_ISteamGameServerStats_SetUserStatInt32
SteamAPI_ISteamGameServerStats_StoreUserStats
SteamAPI_ISteamGameServerStats_UpdateUserAvgRateStat
SteamAPI_ISteamGameServer_AssociateWithClan
SteamAPI_ISteamGameServer_BLoggedOn
SteamAPI_ISteamGameServer_BSecure
SteamAPI_ISteamGameServer_BUpdateUserData
SteamAPI_ISteamGameServer_BeginAuthSession
SteamAPI_ISteamGameServer_CancelAuthTicket
SteamAPI_ISteamGameServer_ClearAllKeyValues
SteamAPI_ISteamGameServer_ComputeNewPlayerCompatibility
SteamAPI_ISteamGameServer_CreateUnauthenticatedUserConnection
SteamAPI_ISteamGameServer_EnableHeartbeats
SteamAPI_ISteamGameServer_EndAuthSession
SteamAPI_ISteamGameServer_ForceHeartbeat
SteamAPI_ISteamGameServer_GetAuthSessionTicket
SteamAPI_ISteamGameServer_GetGameplayStats
SteamAPI_ISteamGameServer_GetNextOutgoingPacket
SteamAPI_ISteamGameServer_GetPublicIP
SteamAPI_ISteamGameServer_GetServerReputation
SteamAPI_ISteamGameServer_GetSteamID
SteamAPI_ISteamGameServer_HandleIncomingPacket
SteamAPI_ISteamGameServer_LogOff
SteamAPI_ISteamGameServer_LogOn
SteamAPI_ISteamGameServer_LogOnAnonymous
SteamAPI_ISteamGameServer_RequestUserGroupStatus
SteamAPI_ISteamGameServer_SendUserConnectAndAuthenticate
SteamAPI_ISteamGameServer_SendUserDisconnect
SteamAPI_ISteamGameServer_SetBotPlayerCount
SteamAPI_ISteamGameServer_SetDedicatedServer
SteamAPI_ISteamGameServer_SetGameData
SteamAPI_ISteamGameServer_SetGameDescription
SteamAPI_ISteamGameServer_SetGameTags
SteamAPI_ISteamGameServer_SetHeartbeatInterval
SteamAPI_ISteamGameServer_SetKeyValue
SteamAPI_ISteamGameServer_SetMapName
SteamAPI_ISteamGameServer_SetMaxPlayerCount
SteamAPI_ISteamGameServer_SetModDir
SteamAPI_ISteamGameServer_SetPasswordProtected
SteamAPI_ISteamGameServer_SetProduct
SteamAPI_ISteamGameServer_SetRegion
SteamAPI_ISteamGameServer_SetServerName
SteamAPI_ISteamGameServer_SetSpectatorPort
SteamAPI_ISteamGameServer_SetSpectatorServerName
SteamAPI_ISteamGameServer_UserHasLicenseForApp
SteamAPI_ISteamGameServer_WasRestartRequested
SteamAPI_ISteamHTMLSurface_AddHeader
SteamAPI_ISteamHTMLSurface_AllowStartRequest
SteamAPI_ISteamHTMLSurface_CopyToClipboard
SteamAPI_ISteamHTMLSurface_CreateBrowser
SteamAPI_ISteamHTMLSurface_ExecuteJavascript
SteamAPI_ISteamHTMLSurface_FileLoadDialogResponse
SteamAPI_ISteamHTMLSurface_Find
SteamAPI_ISteamHTMLSurface_GetLinkAtPosition
SteamAPI_ISteamHTMLSurface_GoBack
SteamAPI_ISteamHTMLSurface_GoForward
SteamAPI_ISteamHTMLSurface_Init
SteamAPI_ISteamHTMLSurface_JSDialogResponse
SteamAPI_ISteamHTMLSurface_KeyChar
SteamAPI_ISteamHTMLSurface_KeyDown
SteamAPI_ISteamHTMLSurface_KeyUp
SteamAPI_ISteamHTMLSurface_LoadURL
SteamAPI_ISteamHTMLSurface_MouseDoubleClick
SteamAPI_ISteamHTMLSurface_MouseDown
SteamAPI_ISteamHTMLSurface_MouseMove
SteamAPI_ISteamHTMLSurface_MouseUp
SteamAPI_ISteamHTMLSurface_MouseWheel
SteamAPI_ISteamHTMLSurface_OpenDeveloperTools
SteamAPI_ISteamHTMLSurface_PasteFromClipboard
SteamAPI_ISteamHTMLSurface_Reload
SteamAPI_ISteamHTMLSurface_RemoveBrowser
SteamAPI_ISteamHTMLSurface_SetBackgroundMode
SteamAPI_ISteamHTMLSurface_SetCookie
SteamAPI_ISteamHTMLSurface_SetDPIScalingFactor
SteamAPI_ISteamHTMLSurface_SetHorizontalScroll
SteamAPI_ISteamHTMLSurface_SetKeyFocus
SteamAPI_ISteamHTMLSurface_SetPageScaleFactor
SteamAPI_ISteamHTMLSurface_SetSize
SteamAPI_ISteamHTMLSurface_SetVerticalScroll
SteamAPI_ISteamHTMLSurface_Shutdown
SteamAPI_ISteamHTMLSurface_StopFind
SteamAPI_ISteamHTMLSurface_StopLoad
SteamAPI_ISteamHTMLSurface_ViewSource
SteamAPI_ISteamHTTP_CreateCookieContainer
SteamAPI_ISteamHTTP_CreateHTTPRequest
SteamAPI_ISteamHTTP_DeferHTTPRequest
SteamAPI_ISteamHTTP_GetHTTPDownloadProgressPct
SteamAPI_ISteamHTTP_GetHTTPRequestWasTimedOut
SteamAPI_ISteamHTTP_GetHTTPResponseBodyData
SteamAPI_ISteamHTTP_GetHTTPResponseBodySize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderSize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderValue
SteamAPI_ISteamHTTP_GetHTTPStreamingResponseBodyData
SteamAPI_ISteamHTTP_PrioritizeHTTPRequest
SteamAPI_ISteamHTTP_ReleaseCookieContainer
SteamAPI_ISteamHTTP_ReleaseHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequestAndStreamResponse
SteamAPI_ISteamHTTP_SetCookie
SteamAPI_ISteamHTTP_SetHTTPRequestAbsoluteTimeoutMS
SteamAPI_ISteamHTTP_SetHTTPRequestContextValue
SteamAPI_ISteamHTTP_SetHTTPRequestCookieContainer
SteamAPI_ISteamHTTP_SetHTTPRequestGetOrPostParameter
SteamAPI_ISteamHTTP_SetHTTPRequestHeaderValue
SteamAPI_ISteamHTTP_SetHTTPRequestNetworkActivityTimeout
SteamAPI_ISteamHTTP_SetHTTPRequestRawPostBody
SteamAPI_ISteamHTTP_SetHTTPRequestRequiresVerifiedCertificate
SteamAPI_ISteamHTTP_SetHTTPRequestUserAgentInfo
SteamAPI_ISteamInput_ActivateActionSet
SteamAPI_ISteamInput_ActivateActionSetLayer
SteamAPI_ISteamInput_DeactivateActionSetLayer
SteamAPI_ISteamInput_DeactivateAllActionSetLayers
SteamAPI_ISteamInput_GetActionOriginFromXboxOrigin
SteamAPI_ISteamInput_GetActionSetHandle
SteamAPI_ISteamInput_GetActiveActionSetLayers
SteamAPI_ISteamInput_GetAnalogActionData
SteamAPI_ISteamInput_GetAnalogActionHandle
SteamAPI_ISteamInput_GetAnalogActionOrigins
SteamAPI_ISteamInput_GetConnectedControllers
SteamAPI_ISteamInput_GetControllerForGamepadIndex
SteamAPI_ISteamInput_GetCurrentActionSet
SteamAPI_ISteamInput_GetDeviceBindingRevision
SteamAPI_ISteamInput_GetDigitalActionData
SteamAPI_ISteamInput_GetDigitalActionHandle
SteamAPI_ISteamInput_GetDigitalActionOrigins
SteamAPI_ISteamInput_GetGamepadIndexForController
SteamAPI_ISteamInput_GetGlyphForActionOrigin
SteamAPI_ISteamInput_GetGlyphForXboxOrigin
SteamAPI_ISteamInput_GetInputTypeForHandle
SteamAPI_ISteamInput_GetMotionData
SteamAPI_ISteamInput_GetRemotePlaySessionID
SteamAPI_ISteamInput_GetStringForActionOrigin
SteamAPI_ISteamInput_GetStringForXboxOrigin
SteamAPI_ISteamInput_Init
SteamAPI_ISteamInput_RunFrame
SteamAPI_ISteamInput_SetLEDColor
SteamAPI_ISteamInput_ShowBindingPanel
SteamAPI_ISteamInput_Shutdown
SteamAPI_ISteamInput_StopAnalogActionMomentum
SteamAPI_ISteamInput_TranslateActionOrigin
SteamAPI_ISteamInput_TriggerHapticPulse
SteamAPI_ISteamInput_TriggerRepeatedHapticPulse
SteamAPI_ISteamInput_TriggerVibration
SteamAPI_ISteamInventory_AddPromoItem
SteamAPI_ISteamInventory_AddPromoItems
SteamAPI_ISteamInventory_CheckResultSteamID
SteamAPI_ISteamInventory_ConsumeItem
SteamAPI_ISteamInventory_DeserializeResult
SteamAPI_ISteamInventory_DestroyResult
SteamAPI_ISteamInventory_ExchangeItems
SteamAPI_ISteamInventory_GenerateItems
SteamAPI_ISteamInventory_GetAllItems
SteamAPI_ISteamInventory_GetEligiblePromoItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionProperty
SteamAPI_ISteamInventory_GetItemPrice
SteamAPI_ISteamInventory_GetItemsByID
SteamAPI_ISteamInventory_GetItemsWithPrices
SteamAPI_ISteamInventory_GetNumItemsWithPrices
SteamAPI_ISteamInventory_GetResultItemProperty
SteamAPI_ISteamInventory_GetResultItems
SteamAPI_ISteamInventory_GetResultStatus
SteamAPI_ISteamInventory_GetResultTimestamp
SteamAPI_ISteamInventory_GrantPromoItems
SteamAPI_ISteamInventory_LoadItemDefinitions
SteamAPI_ISteamInventory_RemoveProperty
SteamAPI_ISteamInventory_RequestEligiblePromoItemDefinitionsIDs
SteamAPI_ISteamInventory_RequestPrices
SteamAPI_ISteamInventory_SendItemDropHeartbeat
SteamAPI_ISteamInventory_SerializeResult
SteamAPI_ISteamInventory_SetPropertyBool
SteamAPI_ISteamInventory_SetPropertyFloat
SteamAPI_ISteamInventory_SetPropertyInt64
SteamAPI_ISteamInventory_SetPropertyString
SteamAPI_ISteamInventory_StartPurchase
SteamAPI_ISteamInventory_StartUpdateProperties
SteamAPI_ISteamInventory_SubmitUpdateProperties
SteamAPI_ISteamInventory_TradeItems
SteamAPI_ISteamInventory_TransferItemQuantity
SteamAPI_ISteamInventory_TriggerItemDrop
SteamAPI_ISteamMatchmakingPingResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingPingResponse_ServerResponded
SteamAPI_ISteamMatchmakingPlayersResponse_AddPlayerToList
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersFailedToRespond
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesFailedToRespond
SteamAPI_ISteamMatchmakingRulesResponse_RulesRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesResponded
SteamAPI_ISteamMatchmakingServerListResponse_RefreshComplete
SteamAPI_ISteamMatchmakingServerListResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingServerListResponse_ServerResponded
SteamAPI_ISteamMatchmakingServers_CancelQuery
SteamAPI_ISteamMatchmakingServers_CancelServerQuery
SteamAPI_ISteamMatchmakingServers_GetServerCount
SteamAPI_ISteamMatchmakingServers_GetServerDetails
SteamAPI_ISteamMatchmakingServers_IsRefreshing
SteamAPI_ISteamMatchmakingServers_PingServer
SteamAPI_ISteamMatchmakingServers_PlayerDetails
SteamAPI_ISteamMatchmakingServers_RefreshQuery
SteamAPI_ISteamMatchmakingServers_RefreshServer
SteamAPI_ISteamMatchmakingServers_ReleaseRequest
SteamAPI_ISteamMatchmakingServers_RequestFavoritesServerList
SteamAPI_ISteamMatchmakingServers_RequestFriendsServerList
SteamAPI_ISteamMatchmakingServers_RequestHistoryServerList
SteamAPI_ISteamMatchmakingServers_RequestInternetServerList
SteamAPI_ISteamMatchmakingServers_RequestLANServerList
SteamAPI_ISteamMatchmakingServers_RequestSpectatorServerList
SteamAPI_ISteamMatchmakingServers_ServerRules
SteamAPI_ISteamMatchmaking_AddFavoriteGame
SteamAPI_ISteamMatchmaking_AddRequestLobbyListCompatibleMembersFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListDistanceFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListFilterSlotsAvailable
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNearValueFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNumericalFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListResultCountFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListStringFilter
SteamAPI_ISteamMatchmaking_CreateLobby
SteamAPI_ISteamMatchmaking_DeleteLobbyData
SteamAPI_ISteamMatchmaking_GetFavoriteGame
SteamAPI_ISteamMatchmaking_GetFavoriteGameCount
SteamAPI_ISteamMatchmaking_GetLobbyByIndex
SteamAPI_ISteamMatchmaking_GetLobbyChatEntry
SteamAPI_ISteamMatchmaking_GetLobbyData
SteamAPI_ISteamMatchmaking_GetLobbyDataByIndex
SteamAPI_ISteamMatchmaking_GetLobbyDataCount
SteamAPI_ISteamMatchmaking_GetLobbyGameServer
SteamAPI_ISteamMatchmaking_GetLobbyMemberByIndex
SteamAPI_ISteamMatchmaking_GetLobbyMemberData
SteamAPI_ISteamMatchmaking_GetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_GetLobbyOwner
SteamAPI_ISteamMatchmaking_GetNumLobbyMembers
SteamAPI_ISteamMatchmaking_InviteUserToLobby
SteamAPI_ISteamMatchmaking_JoinLobby
SteamAPI_ISteamMatchmaking_LeaveLobby
SteamAPI_ISteamMatchmaking_RemoveFavoriteGame
SteamAPI_ISteamMatchmaking_RequestLobbyData
SteamAPI_ISteamMatchmaking_RequestLobbyList
SteamAPI_ISteamMatchmaking_SendLobbyChatMsg
SteamAPI_ISteamMatchmaking_SetLinkedLobby
SteamAPI_ISteamMatchmaking_SetLobbyData
SteamAPI_ISteamMatchmaking_SetLobbyGameServer
SteamAPI_ISteamMatchmaking_SetLobbyJoinable
SteamAPI_ISteamMatchmaking_SetLobbyMemberData
SteamAPI_ISteamMatchmaking_SetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_SetLobbyOwner
SteamAPI_ISteamMatchmaking_SetLobbyType
SteamAPI_ISteamMusicRemote_BActivationSuccess
SteamAPI_ISteamMusicRemote_BIsCurrentMusicRemote
SteamAPI_ISteamMusicRemote_CurrentEntryDidChange
SteamAPI_ISteamMusicRemote_CurrentEntryIsAvailable
SteamAPI_ISteamMusicRemote_CurrentEntryWillChange
SteamAPI_ISteamMusicRemote_DeregisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_EnableLooped
SteamAPI_ISteamMusicRemote_EnablePlayNext
SteamAPI_ISteamMusicRemote_EnablePlayPrevious
SteamAPI_ISteamMusicRemote_EnablePlaylists
SteamAPI_ISteamMusicRemote_EnableQueue
SteamAPI_ISteamMusicRemote_EnableShuffled
SteamAPI_ISteamMusicRemote_PlaylistDidChange
SteamAPI_ISteamMusicRemote_PlaylistWillChange
SteamAPI_ISteamMusicRemote_QueueDidChange
SteamAPI_ISteamMusicRemote_QueueWillChange
SteamAPI_ISteamMusicRemote_RegisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_ResetPlaylistEntries
SteamAPI_ISteamMusicRemote_ResetQueueEntries
SteamAPI_ISteamMusicRemote_SetCurrentPlaylistEntry
SteamAPI_ISteamMusicRemote_SetCurrentQueueEntry
SteamAPI_ISteamMusicRemote_SetDisplayName
SteamAPI_ISteamMusicRemote_SetPNGIcon_64x64
SteamAPI_ISteamMusicRemote_SetPlaylistEntry
SteamAPI_ISteamMusicRemote_SetQueueEntry
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryCoverArt
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryElapsedSeconds
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryText
SteamAPI_ISteamMusicRemote_UpdateLooped
SteamAPI_ISteamMusicRemote_UpdatePlaybackStatus
SteamAPI_ISteamMusicRemote_UpdateShuffled
SteamAPI_ISteamMusicRemote_UpdateVolume
SteamAPI_ISteamMusic_BIsEnabled
SteamAPI_ISteamMusic_BIsPlaying
SteamAPI_ISteamMusic_GetPlaybackStatus
SteamAPI_ISteamMusic_GetVolume
SteamAPI_ISteamMusic_Pause
SteamAPI_ISteamMusic_Play
SteamAPI_ISteamMusic_PlayNext
SteamAPI_ISteamMusic_PlayPrevious
SteamAPI_ISteamMusic_SetVolume
SteamAPI_ISteamNetworkingConnectionCustomSignaling_Release
SteamAPI_ISteamNetworkingConnectionCustomSignaling_SendSignal
SteamAPI_ISteamNetworkingCustomSignalingRecvContext_OnConnectRequest
SteamAPI_ISteamNetworkingCustomSignalingRecvContext_SendRejectionSignal
SteamAPI_ISteamNetworkingSockets_AcceptConnection
SteamAPI_ISteamNetworkingSockets_CloseConnection
SteamAPI_ISteamNetworkingSockets_CloseListenSocket
SteamAPI_ISteamNetworkingSockets_ConnectByIPAddress
SteamAPI_ISteamNetworkingSockets_ConnectP2P
SteamAPI_ISteamNetworkingSockets_ConnectP2PCustomSignaling

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHook/data/steam_appid.txt
ScriptHook/data/ui/styles/default/application.json
ScriptHook/data/ui/styles/default/default.json
ScriptHook/data/ui/styles/default/docking.json
ScriptHook/data/ui/styles/default/game-controls.json
ScriptHook/data/ui/styles/default/icons.png
.png

Password: mafia
ScriptHook/data/ui/styles/default/simple-menu.json
ScriptHook/data/ui/styles/default/startup-menu.json
ScriptHook/data/ui/ui-json.core.schema.jsonc
ScriptHook/data/versions.json
VC_redist.x64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:34:22:1e:7e:49:2a:ac:da:6a:00:00:00:00:01:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/10/2019, 18:17

Not After

03/01/2021, 18:17

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:E041-4BEE-FA7E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da
Signer

Actual PE Digest

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da

Digest Algorithm

sha256

PE Digest Matches

true

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48
Signer

Actual PE Digest

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dinput8.dll
.dll regsvr32 windows:6 windows x64 arch:x64

8b6938b9cfc5652ad14789463a35d3f4

Code Sign

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/04/2021, 00:00

Not After

11/04/2022, 23:59

Subject

CN=Jan Schmitter,O=Jan Schmitter,L=Bedburg,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:f4:88:80:c2:6e:fd:63:e7:a8:6e:a5:66:42:04:d1:f6:a9:41:07
Signer

Actual PE Digest

9a:f4:88:80:c2:6e:fd:63:e7:a8:6e:a5:66:42:04:d1:f6:a9:41:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\runners\mplus\actions-runner\_work\MPlus\MPlus\NomadFX\bin\Win64\Shipping\projects\mplus\dinput8.pdb

Imports

kernel32

GetModuleFileNameW
GetSystemDirectoryW
LoadLibraryA
LoadLibraryW
GetProcAddress
GetModuleHandleW
CopyFileW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

user32

MessageBoxA
MessageBoxW

shell32

ShellExecuteW

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
memmove
__C_specific_handler
memcpy
__std_exception_destroy
memset
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-filesystem-l1-1-0

_wsplitpath_s

api-ms-win-crt-string-l1-1-0

wcscat_s
wcscpy_s

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm_e
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_execute_onexit_table
_initterm

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

DirectInput8Create
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetdfDIJoystick

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall-scripthook.exe.nsis

Sharing

General

Malware Config

Signatures

Files

Password: mafia

7c2c71dfce9a27650634dc8b1ca03bf0

Code Sign

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

f9:b7:4a:e7:54:45:f4:0a:c6:10:e8:32:2f:f1:35:1b:4f:57:2c:11Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 76KB

.rsrc Size: 41KB - Virtual size: 40KB

Password: mafia

8c8a576201f68de1a3f26fc723b9f30f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 104B

.reloc Size: 1024B - Virtual size: 636B

Password: mafia

cce05dea98cbac3a9d486b233588f528

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 700B

.rdata Size: 1024B - Virtual size: 705B

.data Size: 512B - Virtual size: 88B

.reloc Size: 512B - Virtual size: 240B

Password: mafia

ebc2d915841be8afc8fa1ee9f6850960

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

f9:b7:4a:e7:54:45:f4:0a:c6:10:e8:32:2f:f1:35:1b:4f:57:2c:11
Signer

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 76KB

.rsrc
Size: 41KB - Virtual size: 40KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 636B

.text
Size: 1024B - Virtual size: 700B

.rdata
Size: 1024B - Virtual size: 705B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 628B

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

52:ba:5e:5e:d4:5a:b9:39:05:22:23:3b:a4:c4:0f:5c:bb:09:13:af
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 430KB - Virtual size: 430KB

.data
Size: 27KB - Virtual size: 70KB

.pdata
Size: 103KB - Virtual size: 102KB

CPADinfo
Size: 512B - Virtual size: 56B

.rsrc
Size: 228KB - Virtual size: 227KB

.reloc
Size: 9KB - Virtual size: 9KB

12:01:2f:36:88:74:61:37:29:e1:2c:e0:8a:30:d9:b2
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate