windows-latest[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

windows-latest.zip
Size

13.6MB
MD5

fa20fb15ac3ad77f07e75645e3b506fe
SHA1

01b051460a4282e7c468b358a1c51763fa8fec07
SHA256

97ecb8217d2c20b00045fc10351bd554c1b346fd8aad64aea8aae3ee0db230e4
SHA512

502be60b2e9e307ebb5597a57a31bc439f3f004ff91b49cf40024bfcafe5c3843f918357a4f42ed30108453a46e36850bc69ddc30b9be382c1eab7bbc443f0d1
SSDEEP

393216:GGgU3AWSe8XOVbc3Y/H/Jlyy3FSojRni5b5/GQH:G7U3Ce8kbcCfJlHFSkhi5b5eG

Score

3^/10

Malware Config

Signatures

Embeds OpenSSL 1 IoCs

Embeds OpenSSL, may be used to circumvent TLS interception.

resource	yara_rule
static1/unpack001/Vita3K.exe	embeds_openssl

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SDL2.dll
unpack001/Vita3K.exe

Files

windows-latest.zip
.zip

Password: infected
SDL2.dll
.dll windows:4 windows x64 arch:x64

Password: infected

191a1a035d6495eaba3ad05cd155ce7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
ExtTextOutW
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetICMProfileW
GetPixelFormat
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers

imm32

ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionStringW
ImmSetCompositionWindow

kernel32

AttachConsole
CancelIo
CloseHandle
CompareStringA
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
EnumResourceNamesW
ExitProcess
FormatMessageW
FreeLibrary
GetConsoleMode
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSizeEx
GetFileTime
GetLastError
GetLocaleInfoA
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemPowerStatus
GetTickCount
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MulDiv
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSemaphore
ResetEvent
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetFilePointerEx
SetThreadExecutionState
SetThreadPriority
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
memcpy
memset
realloc
strlen
strncmp
vfprintf

ole32

CLSIDFromString
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
PropVariantClear

oleaut32

SysFreeString

setupapi

CM_Get_Device_IDA
CM_Get_Parent
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
SHGetFolderPathW
ShellExecuteW

user32

AdjustWindowRectEx
AttachThreadInput
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CopyImage
CreateIconFromResource
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EndDialog
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FillRect
FlashWindowEx
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardSequenceNumber
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetUpdateRect
GetWindowLongPtrW
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsClipboardFormatAvailable
IsIconic
KillTimer
LoadCursorW
LoadIconW
MapVirtualKeyW
MessageBoxA
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PostThreadMessageW
PtInRect
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetTimer
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeBeginPeriod
timeEndPeriod
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddEventWatch
SDL_AddHintCallback
SDL_AddTimer
SDL_AllocFormat
SDL_AllocPalette
SDL_AllocRW
SDL_AtomicAdd
SDL_AtomicCAS
SDL_AtomicCASPtr
SDL_AtomicGet
SDL_AtomicGetPtr
SDL_AtomicLock
SDL_AtomicSet
SDL_AtomicSetPtr
SDL_AtomicTryLock
SDL_AtomicUnlock
SDL_AudioInit
SDL_AudioQuit
SDL_AudioStreamAvailable
SDL_AudioStreamClear
SDL_AudioStreamFlush
SDL_AudioStreamGet
SDL_AudioStreamPut
SDL_BuildAudioCVT
SDL_CalculateGammaRamp
SDL_CaptureMouse
SDL_ClearComposition
SDL_ClearError
SDL_ClearHints
SDL_ClearQueuedAudio
SDL_CloseAudio
SDL_CloseAudioDevice
SDL_ComposeCustomBlendMode
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertPixels
SDL_ConvertSurface
SDL_ConvertSurfaceFormat
SDL_CreateColorCursor
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateRGBSurfaceWithFormat
SDL_CreateRGBSurfaceWithFormatFrom
SDL_CreateRenderer
SDL_CreateSemaphore
SDL_CreateShapedWindow
SDL_CreateSoftwareRenderer
SDL_CreateSystemCursor
SDL_CreateTexture
SDL_CreateTextureFromSurface
SDL_CreateThread
SDL_CreateThreadWithStackSize
SDL_CreateWindow
SDL_CreateWindowAndRenderer
SDL_CreateWindowFrom
SDL_DXGIGetOutputInfo
SDL_DYNAPI_entry
SDL_DelEventWatch
SDL_DelHintCallback
SDL_Delay
SDL_DequeueAudio
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroySemaphore
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DestroyWindowSurface
SDL_DetachThread
SDL_Direct3D9GetAdapterIndex
SDL_DisableScreenSaver
SDL_DuplicateSurface
SDL_EnableScreenSaver
SDL_EncloseFPoints
SDL_EnclosePoints
SDL_Error
SDL_EventState
SDL_FillRect
SDL_FillRects
SDL_FilterEvents
SDL_FlashWindow
SDL_FlushEvent
SDL_FlushEvents
SDL_FreeAudioStream
SDL_FreeCursor
SDL_FreeFormat
SDL_FreePalette
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_GL_BindTexture
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_ExtensionSupported
SDL_GL_GetAttribute
SDL_GL_GetCurrentContext
SDL_GL_GetCurrentWindow
SDL_GL_GetDrawableSize
SDL_GL_GetProcAddress
SDL_GL_GetSwapInterval
SDL_GL_LoadLibrary
SDL_GL_MakeCurrent
SDL_GL_ResetAttributes
SDL_GL_SetAttribute
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GL_UnbindTexture
SDL_GL_UnloadLibrary
SDL_GUIDFromString
SDL_GUIDToString
SDL_GameControllerAddMapping
SDL_GameControllerAddMappingsFromRW
SDL_GameControllerClose
SDL_GameControllerEventState
SDL_GameControllerFromInstanceID
SDL_GameControllerFromPlayerIndex
SDL_GameControllerGetAppleSFSymbolsNameForAxis
SDL_GameControllerGetAppleSFSymbolsNameForButton
SDL_GameControllerGetAttached
SDL_GameControllerGetAxis
SDL_GameControllerGetAxisFromString
SDL_GameControllerGetBindForAxis
SDL_GameControllerGetBindForButton
SDL_GameControllerGetButton
SDL_GameControllerGetButtonFromString
SDL_GameControllerGetFirmwareVersion
SDL_GameControllerGetJoystick
SDL_GameControllerGetNumTouchpadFingers
SDL_GameControllerGetNumTouchpads
SDL_GameControllerGetPlayerIndex
SDL_GameControllerGetProduct
SDL_GameControllerGetProductVersion
SDL_GameControllerGetSensorData
SDL_GameControllerGetSensorDataRate
SDL_GameControllerGetSensorDataWithTimestamp
SDL_GameControllerGetSerial
SDL_GameControllerGetSteamHandle
SDL_GameControllerGetStringForAxis
SDL_GameControllerGetStringForButton
SDL_GameControllerGetTouchpadFinger
SDL_GameControllerGetType
SDL_GameControllerGetVendor
SDL_GameControllerHasAxis
SDL_GameControllerHasButton
SDL_GameControllerHasLED
SDL_GameControllerHasRumble
SDL_GameControllerHasRumbleTriggers
SDL_GameControllerHasSensor
SDL_GameControllerIsSensorEnabled
SDL_GameControllerMapping
SDL_GameControllerMappingForDeviceIndex
SDL_GameControllerMappingForGUID
SDL_GameControllerMappingForIndex
SDL_GameControllerName
SDL_GameControllerNameForIndex
SDL_GameControllerNumMappings
SDL_GameControllerOpen
SDL_GameControllerPath
SDL_GameControllerPathForIndex
SDL_GameControllerRumble
SDL_GameControllerRumbleTriggers
SDL_GameControllerSendEffect
SDL_GameControllerSetLED
SDL_GameControllerSetPlayerIndex
SDL_GameControllerSetSensorEnabled
SDL_GameControllerTypeForIndex
SDL_GameControllerUpdate
SDL_GetAssertionHandler
SDL_GetAssertionReport
SDL_GetAudioDeviceName
SDL_GetAudioDeviceSpec
SDL_GetAudioDeviceStatus
SDL_GetAudioDriver
SDL_GetAudioStatus
SDL_GetBasePath
SDL_GetCPUCacheLineSize
SDL_GetCPUCount
SDL_GetClipRect
SDL_GetClipboardText
SDL_GetClosestDisplayMode
SDL_GetColorKey
SDL_GetCurrentAudioDriver
SDL_GetCurrentDisplayMode
SDL_GetCurrentVideoDriver
SDL_GetCursor
SDL_GetDefaultAssertionHandler
SDL_GetDefaultAudioInfo
SDL_GetDefaultCursor
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetDisplayDPI
SDL_GetDisplayMode
SDL_GetDisplayName
SDL_GetDisplayOrientation
SDL_GetDisplayUsableBounds
SDL_GetError
SDL_GetErrorMsg
SDL_GetEventFilter
SDL_GetGlobalMouseState
SDL_GetGrabbedWindow
SDL_GetHint
SDL_GetHintBoolean
SDL_GetJoystickGUIDInfo
SDL_GetKeyFromName
SDL_GetKeyFromScancode
SDL_GetKeyName
SDL_GetKeyboardFocus
SDL_GetKeyboardState
SDL_GetMemoryFunctions
SDL_GetModState
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetNumAllocations
SDL_GetNumAudioDevices
SDL_GetNumAudioDrivers
SDL_GetNumDisplayModes
SDL_GetNumRenderDrivers
SDL_GetNumTouchDevices
SDL_GetNumTouchFingers
SDL_GetNumVideoDisplays
SDL_GetNumVideoDrivers
SDL_GetOriginalMemoryFunctions
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetPixelFormatName
SDL_GetPlatform
SDL_GetPointDisplayIndex
SDL_GetPowerInfo
SDL_GetPrefPath
SDL_GetPreferredLocales
SDL_GetPrimarySelectionText
SDL_GetQueuedAudioSize
SDL_GetRGB
SDL_GetRGBA
SDL_GetRectDisplayIndex
SDL_GetRelativeMouseMode
SDL_GetRelativeMouseState
SDL_GetRenderDrawBlendMode
SDL_GetRenderDrawColor
SDL_GetRenderDriverInfo
SDL_GetRenderTarget
SDL_GetRenderer
SDL_GetRendererInfo
SDL_GetRendererOutputSize
SDL_GetRevision
SDL_GetRevisionNumber
SDL_GetScancodeFromKey
SDL_GetScancodeFromName
SDL_GetScancodeName
SDL_GetShapedWindowMode
SDL_GetSurfaceAlphaMod
SDL_GetSurfaceBlendMode
SDL_GetSurfaceColorMod
SDL_GetSystemRAM
SDL_GetTextureAlphaMod
SDL_GetTextureBlendMode
SDL_GetTextureColorMod
SDL_GetTextureScaleMode
SDL_GetTextureUserData
SDL_GetThreadID
SDL_GetThreadName
SDL_GetTicks
SDL_GetTicks64
SDL_GetTouchDevice
SDL_GetTouchDeviceType
SDL_GetTouchFinger
SDL_GetTouchName
SDL_GetVersion
SDL_GetVideoDriver
SDL_GetWindowBordersSize
SDL_GetWindowBrightness
SDL_GetWindowData
SDL_GetWindowDisplayIndex
SDL_GetWindowDisplayMode
SDL_GetWindowFlags
SDL_GetWindowFromID
SDL_GetWindowGammaRamp
SDL_GetWindowGrab
SDL_GetWindowICCProfile
SDL_GetWindowID
SDL_GetWindowKeyboardGrab
SDL_GetWindowMaximumSize
SDL_GetWindowMinimumSize
SDL_GetWindowMouseGrab
SDL_GetWindowMouseRect
SDL_GetWindowOpacity
SDL_GetWindowPixelFormat
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_GetWindowSizeInPixels
SDL_GetWindowSurface
SDL_GetWindowTitle
SDL_GetWindowWMInfo
SDL_GetYUVConversionMode
SDL_GetYUVConversionModeForResolution
SDL_HapticClose
SDL_HapticDestroyEffect
SDL_HapticEffectSupported
SDL_HapticGetEffectStatus
SDL_HapticIndex
SDL_HapticName
SDL_HapticNewEffect
SDL_HapticNumAxes
SDL_HapticNumEffects
SDL_HapticNumEffectsPlaying
SDL_HapticOpen
SDL_HapticOpenFromJoystick
SDL_HapticOpenFromMouse
SDL_HapticOpened
SDL_HapticPause
SDL_HapticQuery
SDL_HapticRumbleInit
SDL_HapticRumblePlay
SDL_HapticRumbleStop
SDL_HapticRumbleSupported
SDL_HapticRunEffect
SDL_HapticSetAutocenter
SDL_HapticSetGain
SDL_HapticStopAll
SDL_HapticStopEffect
SDL_HapticUnpause
SDL_HapticUpdateEffect
SDL_Has3DNow
SDL_HasARMSIMD
SDL_HasAVX
SDL_HasAVX2
SDL_HasAVX512F
SDL_HasAltiVec
SDL_HasClipboardText
SDL_HasColorKey
SDL_HasEvent
SDL_HasEvents
SDL_HasIntersection
SDL_HasIntersectionF
SDL_HasLASX
SDL_HasLSX
SDL_HasMMX
SDL_HasNEON
SDL_HasPrimarySelectionText
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_HasSSE3
SDL_HasSSE41
SDL_HasSSE42
SDL_HasScreenKeyboardSupport
SDL_HasSurfaceRLE
SDL_HasWindowSurface
SDL_HideWindow
SDL_Init
SDL_InitSubSystem
SDL_IntersectFRect
SDL_IntersectFRectAndLine
SDL_IntersectRect
SDL_IntersectRectAndLine
SDL_IsGameController
SDL_IsScreenKeyboardShown
SDL_IsScreenSaverEnabled
SDL_IsShapedWindow
SDL_IsTablet
SDL_IsTextInputActive
SDL_IsTextInputShown
SDL_JoystickAttachVirtual
SDL_JoystickAttachVirtualEx
SDL_JoystickClose
SDL_JoystickCurrentPowerLevel
SDL_JoystickDetachVirtual
SDL_JoystickEventState
SDL_JoystickFromInstanceID
SDL_JoystickFromPlayerIndex
SDL_JoystickGetAttached
SDL_JoystickGetAxis
SDL_JoystickGetAxisInitialState
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetDeviceGUID
SDL_JoystickGetDeviceInstanceID
SDL_JoystickGetDevicePlayerIndex
SDL_JoystickGetDeviceProduct
SDL_JoystickGetDeviceProductVersion
SDL_JoystickGetDeviceType
SDL_JoystickGetDeviceVendor
SDL_JoystickGetFirmwareVersion
SDL_JoystickGetGUID
SDL_JoystickGetGUIDFromString
SDL_JoystickGetGUIDString
SDL_JoystickGetHat
SDL_JoystickGetPlayerIndex
SDL_JoystickGetProduct
SDL_JoystickGetProductVersion
SDL_JoystickGetSerial
SDL_JoystickGetType
SDL_JoystickGetVendor
SDL_JoystickHasLED
SDL_JoystickHasRumble
SDL_JoystickHasRumbleTriggers
SDL_JoystickInstanceID
SDL_JoystickIsHaptic
SDL_JoystickIsVirtual
SDL_JoystickName
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickPath
SDL_JoystickPathForIndex
SDL_JoystickRumble
SDL_JoystickRumbleTriggers
SDL_JoystickSendEffect
SDL_JoystickSetLED
SDL_JoystickSetPlayerIndex
SDL_JoystickSetVirtualAxis
SDL_JoystickSetVirtualButton
SDL_JoystickSetVirtualHat
SDL_JoystickUpdate
SDL_LoadBMP_RW
SDL_LoadDollarTemplates
SDL_LoadFile
SDL_LoadFile_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockAudioDevice
SDL_LockJoysticks
SDL_LockMutex
SDL_LockSensors
SDL_LockSurface
SDL_LockTexture
SDL_LockTextureToSurface
SDL_Log
SDL_LogCritical
SDL_LogDebug
SDL_LogError
SDL_LogGetOutputFunction
SDL_LogGetPriority
SDL_LogInfo
SDL_LogMessage
SDL_LogMessageV
SDL_LogResetPriorities
SDL_LogSetAllPriority
SDL_LogSetOutputFunction
SDL_LogSetPriority
SDL_LogVerbose
SDL_LogWarn
SDL_LowerBlit
SDL_LowerBlitScaled
SDL_MapRGB
SDL_MapRGBA
SDL_MasksToPixelFormatEnum
SDL_MaximizeWindow
SDL_MemoryBarrierAcquireFunction
SDL_MemoryBarrierReleaseFunction
SDL_Metal_CreateView
SDL_Metal_DestroyView
SDL_Metal_GetDrawableSize
SDL_Metal_GetLayer
SDL_MinimizeWindow
SDL_MixAudio
SDL_MixAudioFormat
SDL_MouseIsHaptic
SDL_NewAudioStream
SDL_NumHaptics
SDL_NumJoysticks
SDL_NumSensors
SDL_OnApplicationDidBecomeActive
SDL_OnApplicationDidEnterBackground
SDL_OnApplicationDidReceiveMemoryWarning
SDL_OnApplicationWillEnterForeground
SDL_OnApplicationWillResignActive
SDL_OnApplicationWillTerminate
SDL_OpenAudio
SDL_OpenAudioDevice
SDL_OpenURL
SDL_PauseAudio
SDL_PauseAudioDevice
SDL_PeepEvents
SDL_PixelFormatEnumToMasks
SDL_PollEvent
SDL_PremultiplyAlpha
SDL_PumpEvents
SDL_PushEvent
SDL_QueryTexture
SDL_QueueAudio
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_RWclose
SDL_RWread

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 785KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vita3K.exe
.exe windows:6 windows x64 arch:x64

Password: infected

c2bca6ea9edcd8a19ac5f2e7840664bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

discord_game_sdk

DiscordCreate

advapi32

CryptEncrypt
CryptHashData
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
OpenThreadToken
CryptGetHashParam
CryptImportKey

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertOpenStore
CertGetCertificateContextProperty
CertOpenSystemStoreW
CryptStringToBinaryW
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertFindExtension

avrt

AvSetMmThreadCharacteristicsA
AvRevertMmThreadCharacteristics

winmm

waveOutGetNumDevs
waveOutPause
waveOutOpen
waveInGetNumDevs
waveOutMessage
waveOutWrite
waveOutUnprepareHeader
timeGetTime
waveOutGetPosition
waveOutGetDevCapsA
waveOutReset
waveOutClose
waveInGetDevCapsA
waveOutPrepareHeader
waveInMessage
waveOutRestart

sdl2

SDL_GL_DeleteContext
SDL_memcpy
SDL_GL_GetProcAddress
SDL_wcslen
SDL_strlen
SDL_iconv_string
SDL_SetMainReady
SDL_GL_CreateContext
SDL_GetSystemRAM
SDL_Init
SDL_SetHint
SDL_Vulkan_GetVkGetInstanceProcAddr
SDL_GL_SetAttribute
SDL_Quit
SDL_SetWindowTitle
SDL_GL_SwapWindow
SDL_free
SDL_PollEvent
SDL_SetWindowFullscreen
SDL_GetBasePath
SDL_GL_GetDrawableSize
SDL_DestroyWindow
SDL_Vulkan_GetDrawableSize
SDL_GetDisplayDPI
SDL_CreateWindow
SDL_GetPrefPath
SDL_ShowSimpleMessageBox
SDL_GetTicks
SDL_GetKeyboardState
SDL_GameControllerTypeForIndex
SDL_GameControllerHasLED
SDL_GameControllerSetSensorEnabled
SDL_NumJoysticks
SDL_GameControllerClose
SDL_JoystickGetDeviceGUID
SDL_IsGameController
SDL_GameControllerOpen
SDL_GameControllerGetAttached
SDL_GameControllerHasSensor
SDL_GameControllerGetButton
SDL_GameControllerSetLED
SDL_GameControllerNameForIndex
SDL_GameControllerGetAxis
SDL_GetPerformanceCounter
SDL_GetWindowWMInfo
SDL_ShowCursor
SDL_SetClipboardText
SDL_GetMouseState
SDL_GetClipboardText
SDL_GetModState
SDL_GetWindowFlags
SDL_SetCursor
SDL_CreateSystemCursor
SDL_GetPerformanceFrequency
SDL_GetWindowSize
SDL_GL_SetSwapInterval
SDL_OpenURL
SDL_GetPowerInfo
SDL_FreeCursor
SDL_PushEvent
SDL_GameControllerRumble
SDL_AudioStreamAvailable
SDL_PauseAudioDevice
SDL_DequeueAudio
SDL_CloseAudioDevice
SDL_OpenAudioDevice
SDL_GetError
SDL_Vulkan_CreateSurface
SDL_Vulkan_GetInstanceExtensions
SDL_GetVersion
SDL_GameControllerGetSensorData
SDL_GameControllerGetSensorDataWithTimestamp
SDL_CreateSemaphore
SDL_CreateThread
SDL_DestroySemaphore
SDL_SemWait
SDL_SemPost
SDL_FreeAudioStream
SDL_AudioStreamGet
SDL_NewAudioStream
SDL_MixAudioFormat
SDL_AudioStreamPut
SDL_GetMouseFocus
SDL_GetCPUCount

ws2_32

WSAIoctl
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
shutdown
getservbyname
getservbyport
inet_addr
getpeername
WSASetLastError
getsockname
recvfrom
freeaddrinfo
sendto
setsockopt
__WSAFDIsSet
WSAGetLastError
ioctlsocket
inet_ntoa
gethostbyname
ntohl
inet_pton
gethostbyaddr
ntohs
inet_ntop
gethostname
getaddrinfo
connect
WSACleanup
getsockopt
accept
bind
closesocket
select
listen
WSAStartup
htons
send
socket
recv
htonl

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
PropVariantClear

user32

MessageBoxA
SetClipboardData
GetSystemMetrics
GetDesktopWindow
MessageBoxW
GetProcessWindowStation
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetUserObjectInformationW

bcrypt

BCryptOpenAlgorithmProvider
BCryptGenRandom
BCryptCloseAlgorithmProvider

iphlpapi

GetAdaptersInfo

kernel32

CopyFileW
GetFileInformationByHandleEx
CreateSymbolicLinkW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RaiseException
GetCommandLineW
SetFileInformationByHandle
GetFinalPathNameByHandleW
GetLocaleInfoEx
LoadLibraryExA
LoadLibraryExW
CreateMutexA
GetProcessAffinityMask
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
WakeAllConditionVariable
InitOnceComplete
InitOnceBeginInitialize
MoveFileExA
WriteConsoleW
RtlDeleteFunctionTable
RtlAddFunctionTable
InterlockedPopEntrySList
InitializeSListHead
InterlockedPushEntrySList
InterlockedFlushSList
SetThreadPriority
VerifyVersionInfoA
CreateEventA
ResetEvent
GetFileSizeEx
VerifyVersionInfoW
VerSetConditionMask
WaitForMultipleObjects
PeekNamedPipe
ReadFile
GetEnvironmentVariableA
WaitForSingleObjectEx
GetSystemDirectoryW
GetCurrentThread
QueryPerformanceFrequency
CreateEventW
SetEvent
InitializeCriticalSectionEx
GetTickCount
QueryPerformanceCounter
WriteConsoleA
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetDynamicTimeZoneInformation
AreFileApisANSI
MoveFileExW
CopyFileExW
CreateDirectoryExW
DeviceIoControl
SetFileAttributesW
RemoveDirectoryW
GetFileTime
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceExW
FlushFileBuffers
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
LoadLibraryW
RtlVirtualUnwind
GetSystemTimeAsFileTime
ConvertThreadToFiberEx
ConvertFiberToThread
Sleep
WriteFile
GetFileType
GetStdHandle
GetACP
GetEnvironmentVariableW
CreateSemaphoreA
GetExitCodeThread
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
FreeLibrary
GetSystemDirectoryA
FindFirstFileW
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
CreateFiberEx
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
GlobalUnlock
GetModuleHandleA
GlobalLock
GlobalFree
GlobalAlloc
VirtualAlloc
VirtualFree
VirtualProtect
GetCurrentProcessId
SetLastError
IsDebuggerPresent
SetConsoleOutputCP
AddVectoredExceptionHandler
OutputDebugStringA
SetConsoleTitleA
CreateSemaphoreW
GetCurrentThreadId
WaitForSingleObject
ReleaseSemaphore
MultiByteToWideChar
FormatMessageA
WideCharToMultiByte
LocalFree
FormatMessageW
FindClose
FindNextFileW
GetFullPathNameW
FindFirstFileExW
GetLogicalProcessorInformation
GetProcAddress
SleepEx
ReleaseMutex
GetCurrentProcess
CloseHandle
FreeConsole
HeapFree
TerminateProcess
GetModuleFileNameW
GetLastError
HeapReAlloc
HeapAlloc
GetProcessHeap
GetModuleHandleW
GetVersionExW
GetSystemInfo

shell32

ShellExecuteA
SHCreateItemFromParsingName
CommandLineToArgvW

msvcp140

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?exceptions@ios_base@std@@QEAAXH@Z
?eof@ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
??Bios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
_Strxfrm
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
_Strcoll
_Thrd_id
_Thrd_join
_Cnd_broadcast
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@DD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??7ios_base@std@@QEBA_NXZ
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Winerror_map@std@@YAHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Syserror_map@std@@YAPEBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?setf@ios_base@std@@QEAAHHH@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
_Cnd_do_broadcast_at_thread_exit
?_Xinvalid_argument@std@@YAXPEBD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
_Thrd_detach
?id@?$numpunct@D@std@@2V0locale@2@A
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
_Cnd_signal
_Cnd_init_in_situ
_Cnd_destroy_in_situ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
_Thrd_yield
_Cnd_timedwait
?toupper@?$ctype@D@std@@QEBADD@Z
?_Random_device@std@@YAIXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?fail@ios_base@std@@QEBA_NXZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAG@Z
?do_encoding@codecvt_base@std@@MEBAHXZ
?do_max_length@codecvt_base@std@@MEBAHXZ
??1codecvt_base@std@@UEAA@XZ
??0codecvt_base@std@@QEAA@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
_Mtx_trylock
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEAD_J@Z
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?classic@locale@std@@SAAEBV12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_lock
_Cnd_wait
_Query_perf_counter
_Xtime_get_ticks
_Mtx_unlock
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

version

GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW

imm32

ImmSetCompositionWindow
ImmGetContext
ImmSetCandidateWindow
ImmReleaseContext

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
__std_exception_copy
__std_terminate
__intrinsic_setjmp
__current_exception_context
__current_exception
longjmp
wcschr
__RTDynamicCast
_CxxThrowException
wcsstr
memmove
memset
memcpy
memcmp
memchr
strrchr
strstr
__C_specific_handler
_purecall
strchr
__std_type_info_compare

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fclose
fgets
_setmode
__p__commode
fgetc
fopen
feof
_close
__stdio_common_vsscanf
_sopen
_wsopen
fseek
fwrite
fgetpos
ferror
setvbuf
_write
_read
ungetc
fsetpos
_wfopen_s
_ftelli64
_fileno
_chsize_s
fopen_s
__stdio_common_vswprintf
_set_fmode
fread
__stdio_common_vsprintf_s
__stdio_common_vsprintf
fflush
_fseeki64
_get_stream_buffer_pointers
fputs
_get_osfhandle
fputc
puts
__stdio_common_vsnprintf_s
ftell
_wfsopen
_lseeki64
_isatty
_wopen
__acrt_iob_func
_wfopen

api-ms-win-crt-heap-l1-1-0

_set_new_mode
_aligned_free
free
calloc
_callnewh
_aligned_realloc
realloc
malloc
_aligned_malloc

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_lock_file
_unlock_file
_wmkdir
_stat64
_wstat64i32
_wstat64
_stat64i32
_unlink

api-ms-win-crt-process-l1-1-0

_execv

api-ms-win-crt-math-l1-1-0

acos
asin
atan
tan
tanh
fabs
cosh
sinh
_ldsign
trunc
atan2
_dsign
acosf
lrint
__setusermatherr
atan2f
log
_dclass
exp
roundf
frexp
scalbn
ldexp
exp2f
floor
log2f
_fdopen
cosf
sqrt
lrintf
cos
pow
cbrt
fmod
exp2
sinf
rint
sin
cbrtf
sqrtf
powf
log2
ceilf
hypot
ceil
llrint
llrintf
logf
_fdpcomp
fmodf
_dpcomp
round
floorf
fma
fmaf
atanf
_fdsign

api-ms-win-crt-runtime-l1-1-0

__sys_errlist
__sys_nerr
_set_app_type
_seh_filter_exe
_beginthreadex
exit
_cexit
terminate
_wassert
_crt_atexit
system
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
signal
_configure_narrow_argv
_initterm
_initterm_e
raise
_set_errno
_invalid_parameter_noinfo_noreturn
__p___argc
_errno
strerror
_exit
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
set_terminate
_get_initial_narrow_environment
_endthreadex
strerror_s
abort

api-ms-win-crt-time-l1-1-0

_gmtime64
_get_timezone
_time64
_localtime64_s
_tzset
strftime
_get_dstbias
_mkgmtime64
_difftime64
clock
_mktime64
_utime64
_localtime64
_gmtime64_s

api-ms-win-crt-string-l1-1-0

strncpy
tolower
toupper
_strnicmp
strnlen
isdigit
strtok
strcmp
strspn
strncmp
strcpy_s
strcat_s
strncat
strncpy_s
strcpy
wcscat
wcscpy
wcslen
strlen
_strdup
wcsncpy_s
wcsncpy
strpbrk
wcsncmp
isgraph
wcspbrk
isprint
isspace
strcspn
_wcsdup

api-ms-win-crt-convert-l1-1-0

strtod
strtoul
atof
strtoull
wcstombs
strtol
strtold
mbstowcs
strtoll
atoi

api-ms-win-crt-environment-l1-1-0

_dupenv_s
getenv

api-ms-win-crt-utility-l1-1-0

qsort
bsearch

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func
_configthreadlocale

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 20.5MB - Virtual size: 20.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 620KB - Virtual size: 10.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 811KB - Virtual size: 810KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 725KB - Virtual size: 725KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/fonts/LICENSE_E
data/fonts/LICENSE_J
data/fonts/LICENSE_SC
data/fonts/SourceHanSansSC-Bold-Min.ttf
data/fonts/mplus-1mn-bold.ttf
data/image/icon.png
.png

Password: infected
discord_game_sdk.dll
.dll windows:6 windows x64 arch:x64

Password: infected

7630e2b3db583384d5348c364b4c56c3

Code Sign

02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2021 00:00

Not After

02-05-2024 23:59

Subject

SERIALNUMBER=5128862,CN=Discord Inc.,OU=Select or enter,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2021 00:00

Not After

02-05-2024 23:59

Subject

SERIALNUMBER=5128862,CN=Discord Inc.,OU=Select or enter,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:e2:71:d4:d2:0d:bf:87:fe:76:cd:b7:88:98:f0:d1:fc:15:5f:10:dc:99:b3:47:28:4a:d9:ee:49:b8:66:b2
Signer

Actual PE Digest

41:e2:71:d4:d2:0d:bf:87:fe:76:cd:b7:88:98:f0:d1:fc:15:5f:10:dc:99:b3:47:28:4a:d9:ee:49:b8:66:b2

Digest Algorithm

sha256

PE Digest Matches

true

de:d4:45:e0:a1:ac:c5:cb:e8:3b:b4:b6:c0:b7:1c:87:ac:c9:f0:0c
Signer

Actual PE Digest

de:d4:45:e0:a1:ac:c5:cb:e8:3b:b4:b6:c0:b7:1c:87:ac:c9:f0:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\b\discord\discord\target\x86_64-pc-windows-msvc\release\deps\discord_game_sdk.pdb

Imports

ws2_32

WSAGetLastError
bind
sendto
getaddrinfo
freeaddrinfo
WSACleanup
WSAStartup
WSASocketW
ioctlsocket
recv
closesocket

kernel32

LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetModuleHandleExW
LoadLibraryExW
TlsFree
InitializeCriticalSectionAndSpinCount
EncodePointer
AcquireSRWLockExclusive
LoadLibraryW
GetLastError
ReleaseSRWLockExclusive
CloseHandle
GetProcAddress
FreeLibrary
GetModuleFileNameW
SetErrorMode
SetThreadErrorMode
lstrlenW
SetEnvironmentVariableW
GetProcessId
WaitForSingleObject
GetExitCodeProcess
GetFileInformationByHandle
CancelIoEx
WriteFile
ReadFile
GetOverlappedResult
FlushFileBuffers
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
SleepConditionVariableSRW
SetHandleInformation
GetSystemInfo
RtlVirtualUnwind
ReleaseMutex
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
LoadLibraryA
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
FindClose
ReleaseSRWLockShared
SwitchToThread
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetTempPathW
GetCommandLineW
SetFilePointerEx
EnterCriticalSection
GetStdHandle
TerminateProcess
GetCurrentProcessId
WakeAllConditionVariable
WakeConditionVariable
TryEnterCriticalSection
GetSystemTimeAsFileTime
SetThreadStackGuarantee
HeapAlloc
GetProcessHeap
HeapFree
TlsAlloc
HeapReAlloc
AcquireSRWLockShared
FindNextFileW
CreateFileW
DeviceIoControl
CreateDirectoryW
FindFirstFileW
DeleteFileW
DeleteCriticalSection
GetModuleHandleW
FormatMessageW
ExitProcess
GetFullPathNameW
CreateThread
TlsGetValue
TlsSetValue
QueryPerformanceFrequency
GetModuleHandleA
GetConsoleMode
WriteConsoleW
InterlockedFlushSList
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
GetConsoleOutputCP
WaitForSingleObjectEx
QueryPerformanceCounter
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId

advapi32

SystemFunction036
RegCloseKey
RegCreateKeyTransactedW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

ktmw32

CreateTransaction
CommitTransaction

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath
ShellExecuteExW

bcrypt

BCryptGenRandom

Exports

Exports

DiscordCreate
DiscordVersion
rust_eh_personality

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 821KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lang/system/da.xml
.xml
lang/system/de.xml
.xml
lang/system/en-gb.xml
.xml
lang/system/en.xml
.xml
lang/system/es.xml
.xml
lang/system/fi.xml
.xml
lang/system/fr.xml
.xml
lang/system/it.xml
.xml
lang/system/ja.xml
.xml
lang/system/ko.xml
.xml
lang/system/nl.xml
.xml
lang/system/no.xml
.xml
lang/system/pl.xml
.xml
lang/system/pt-br.xml
.xml
lang/system/pt.xml
.xml
lang/system/ru.xml
.xml
lang/system/sv.xml
.xml
lang/system/tr.xml
.xml
lang/system/zh-s.xml
.xml
lang/system/zh-t.xml
.xml
lang/user/id.xml
.xml
lang/user/ms.xml
.xml
lang/user/ua.xml
.xml
shaders-builtin/opengl/render_main.frag
shaders-builtin/opengl/render_main.vert
shaders-builtin/opengl/render_main_bicubic.frag
shaders-builtin/opengl/render_main_fxaa.frag
shaders-builtin/vulkan/fsr_filter_easu.comp
.vbs
shaders-builtin/vulkan/fsr_filter_easu.comp.spv
shaders-builtin/vulkan/fsr_filter_rcas.comp
shaders-builtin/vulkan/fsr_filter_rcas.comp.spv
shaders-builtin/vulkan/render_main.frag
shaders-builtin/vulkan/render_main.frag.spv
shaders-builtin/vulkan/render_main.vert
shaders-builtin/vulkan/render_main.vert.spv
shaders-builtin/vulkan/render_main_bicubic.frag
shaders-builtin/vulkan/render_main_bicubic.frag.spv
shaders-builtin/vulkan/render_main_fxaa.frag
shaders-builtin/vulkan/render_main_fxaa.frag.spv
update-vita3k.bat

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

191a1a035d6495eaba3ad05cd155ce7b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

imm32

kernel32

msvcrt

ole32

oleaut32

setupapi

shell32

user32

version

winmm

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 98KB - Virtual size: 98KB

.rdata Size: 785KB - Virtual size: 784KB

.pdata Size: 54KB - Virtual size: 53KB

.xdata Size: 48KB - Virtual size: 47KB

.bss Size: - Virtual size: 10KB

.edata Size: 25KB - Virtual size: 24KB

.idata Size: 12KB - Virtual size: 11KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 792B

.reloc Size: 7KB - Virtual size: 7KB

Password: infected

c2bca6ea9edcd8a19ac5f2e7840664bf

Headers

DLL Characteristics

File Characteristics

Imports

discord_game_sdk

advapi32

crypt32

avrt

winmm

sdl2

ws2_32

ole32

user32

bcrypt

iphlpapi

kernel32

shell32

msvcp140

version

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-process-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 20.5MB - Virtual size: 20.5MB

.rdata Size: 4.9MB - Virtual size: 4.9MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 98KB - Virtual size: 98KB

.rdata
Size: 785KB - Virtual size: 784KB

.pdata
Size: 54KB - Virtual size: 53KB

.xdata
Size: 48KB - Virtual size: 47KB

.bss
Size: - Virtual size: 10KB

.edata
Size: 25KB - Virtual size: 24KB

.idata
Size: 12KB - Virtual size: 11KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 20.5MB - Virtual size: 20.5MB

.rdata
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 620KB - Virtual size: 10.4MB

.pdata
Size: 811KB - Virtual size: 810KB

.rsrc
Size: 725KB - Virtual size: 725KB

.reloc
Size: 124KB - Virtual size: 124KB

02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

41:e2:71:d4:d2:0d:bf:87:fe:76:cd:b7:88:98:f0:d1:fc:15:5f:10:dc:99:b3:47:28:4a:d9:ee:49:b8:66:b2
Signer

de:d4:45:e0:a1:ac:c5:cb:e8:3b:b4:b6:c0:b7:1c:87:ac:c9:f0:0c
Signer

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 821KB - Virtual size: 820KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 116KB - Virtual size: 116KB

.gehcont
Size: 512B - Virtual size: 12B

.reloc
Size: 11KB - Virtual size: 10KB