counter_strike_2_legit_cheat[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

counter_strike_2_legit_cheat.exe
Size

696KB
MD5

bf959baf5538763e32962a496e386f5f
SHA1

efc8245b49309f64790fc3379e0e3e650f413e5e
SHA256

73b4f6b575016f34e6fb85b4f495400c33062586c0543b1ebcab0bbd12e35654
SHA512

5914ffc248d65811b6502cc57c3899ef5af45ad4c277fec01839a84a8a173f68692b4d8074e9d1de31c1ff0eaeb130b130e5123c92b3e802b80306dd54178f35
SSDEEP

6144:R2rNP+ZAwogDg4uG5EO41Qt0x8Z5I+xcUj1sUq9GnLaVVlejGvQ/GCJ86gh9An1a:Ryrot037UBi4LoySvQ/G5Gn1tCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
counter_strike_2_legit_cheat.exe

Files

counter_strike_2_legit_cheat.exe
.exe windows:6 windows x64 arch:x64

Password: 123

a2a85786c0bbec8bf8c1b5bf2b63f029

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ashura\Desktop\Counter-Strike-2-Legit-Cheat-main\Counter-Strike-2-Legit-Cheat-main\x64\Release\counter_strike_2_legit_cheat.pdb

Imports

kernel32

Module32FirstW
Module32NextW
GetLastError
GetModuleHandleW
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
SetThreadExecutionState
GetStartupInfoW
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VerSetConditionMask
GetModuleHandleExW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
GetConsoleWindow
OpenProcess
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcess
ReadProcessMemory
Sleep
WriteProcessMemory
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
LocalFree
EnterCriticalSection
CloseHandle
GlobalFree
GlobalAlloc
FormatMessageW
MultiByteToWideChar

user32

PostMessageW
WaitMessage
DefWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
GetMessageTime
PeekMessageW
GetLayeredWindowAttributes
SetLayeredWindowAttributes
TrackMouseEvent
FlashWindow
MoveWindow
SetWindowPos
TranslateMessage
SetPropW
SetWindowPlacement
IsWindowVisible
SendMessageW
IsIconic
BringWindowToTop
IsZoomed
SetFocus
GetActiveWindow
GetKeyState
MapVirtualKeyW
SetCapture
SetCursor
ReleaseCapture
MsgWaitForMultipleObjects
GetSystemMetrics
SetForegroundWindow
DispatchMessageW
GetRawInputDeviceList
GetPropW
GetRawInputDeviceInfoA
EnumDisplayMonitors
RemovePropW
SetWindowTextW
GetClientRect
GetWindowRect
EnumDisplayDevicesW
AdjustWindowRectEx
SetCursorPos
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterClassW
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
GetDC
MonitorFromWindow
SystemParametersInfoW
ShowWindow
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
GetAsyncKeyState
GetMessageExtraInfo
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
CallWindowProcW
SetWindowLongPtrW
ClientToScreen
GetWindowLongPtrW
OpenClipboard
GetCursorPos
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetWindowPlacement
ReleaseDC

gdi32

SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
SelectObject
DeleteDC
DeleteObject
CreateDIBSection
CreateRectRgn
CreateBitmap
SwapBuffers
CreateFontW
GetDeviceCaps
CreateDCW

oleaut32

VariantClear

opengl32

glLineWidth
glColor3f
glBlendFunc
glBegin
glVertex2f
glEnd
glListBase
glColor4f
glDisable
glPushAttrib
glPopMatrix
glViewport
glClear
glMatrixMode
glLoadIdentity
glEnable
glPushMatrix
glOrtho
glPopAttrib
glCallLists
glRasterPos2f
glGenLists
wglUseFontBitmapsW

glew32

glewInit

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmSetCandidateWindow

msvcp140

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
_Query_perf_frequency
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Query_perf_counter
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_detach
_Thrd_join

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
memcmp
_CxxThrowException
__current_exception_context
__current_exception
memmove
memset
memcpy
__C_specific_handler
__std_terminate
strstr
strchr
memchr
__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

fread
fseek
__stdio_common_vfprintf
fflush
fwrite
_set_fmode
_wfopen
__p__commode
__stdio_common_vsprintf
_get_stream_buffer_pointers
ftell
_fseeki64
fsetpos
ungetc
setvbuf
fgetpos
__acrt_iob_func
fgetc
fputc
__stdio_common_vsscanf
fclose

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-string-l1-1-0

strncmp
_wcsicmp
strncpy
strcspn
strspn
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
_set_new_mode
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul
mbstowcs_s
strtoull
strtoll
strtod
atof

api-ms-win-crt-math-l1-1-0

powf
fmaxf
_dsign
sqrtf
__setusermatherr
cosf
ceilf
atan2f
acosf
fmod
fmodf
pow
sin
sinf
sqrt
fminf

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

api-ms-win-crt-runtime-l1-1-0

terminate
_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
exit
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment

shell32

DragQueryPoint
DragFinish
DragAcceptFiles
DragQueryFileW

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 123

a2a85786c0bbec8bf8c1b5bf2b63f029

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

oleaut32

opengl32

glew32

imm32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

shell32

Sections

.text Size: 462KB - Virtual size: 461KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 6KB - Virtual size: 20KB

.pdata Size: 20KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 462KB - Virtual size: 461KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 6KB - Virtual size: 20KB

.pdata
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 2KB - Virtual size: 1KB