The Injector lol made with c# ReIn2ct1[.]zip

Resubmissions

21-09-2024 01:26

240921-btxelayfjj 7

20-09-2024 22:44

240920-2pam5ssflq 3

Sharing

Copy URL

Twitter E-mail

General

Target

The Injector lol made with c# ReIn2ct1.zip
Size

14.1MB
MD5

d0785a1784a9904f6a716618f4e8f878
SHA1

df211857a3a310d1762b27b36c78af905636f2a5
SHA256

213720c1d351d7ba4796a645e08b086fa309423e519d57dd15ad570f3301661a
SHA512

2a50dc542ec9f8bc7006cec3072aa71d643e95afd8eb9b74bb3906571b4d32030d42530ccab17f47c4d115bce78948168f63fb54e2996ecb6b3ae13e29cc3143
SSDEEP

393216:6rj5GryEtqLlVh4Jl8G/10GDO40KVQlifi9AfU/jp8bGhsvQJ:6rnVai8Gw6Kfgj8ssvQJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ReIn2ct1/BlazeEngine/Modules/ColoredUI.dll
unpack001/ReIn2ct1/BlazeEngine/Modules/gay/BetterLoadingScreen.dll
unpack001/ReIn2ct1/BlazeEngine/Modules/gay/BlazeEngineUpdate.dll
unpack001/ReIn2ct1/BlazeEngine/Modules/gay/FlipScreen.dll
unpack001/ReIn2ct1/BlazeEngine/Modules/gay/Spoof_HWID.dll
unpack001/ReIn2ct1/MainMode.dll
unpack001/ReIn2ct1/Modules/BetterLoadingScreen.dll
unpack001/ReIn2ct1/Modules/BlazeEngineUpdate.dll
unpack001/ReIn2ct1/Modules/FlipScreen.dll
unpack001/ReIn2ct1/Modules/Spoof_HWID.dll
unpack001/ReIn2ct1/ReIn2cs.dll
unpack001/ReIn2ct1/ReIn2ct.exe
unpack001/ReIn2ct1/mm.dll

Files

The Injector lol made with c# ReIn2ct1.zip
.zip
ReIn2ct1/BlazeEngine/CustomStyle.cfg
ReIn2ct1/BlazeEngine/Modules/ColoredUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Biscuit\Documents\Visual Studio 2022\VRC\BE4V Test Module\Module\ColoredUI\obj\Debug\ColoredUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/BlazeEngine/Modules/gay/BetterLoadingScreen.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\BetterLoadingScreen\obj\Debug\BetterLoadingScreen.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/BlazeEngine/Modules/gay/BlazeEngineUpdate.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\BlazeEngineUpdate\obj\Debug\BlazeEngineUpdate.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/BlazeEngine/Modules/gay/FlipScreen.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\FlipScreen\obj\Debug\FlipScreen.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/BlazeEngine/Modules/gay/Spoof_HWID.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\Spoof_HWID\obj\Debug\Spoof_HWID.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/BlazeEngine/Sprites/MediaBack.png
.png
ReIn2ct1/BlazeEngine/Sprites/MediaNext.png
.png
ReIn2ct1/BlazeEngine/Sprites/MediaPause.png
.png
ReIn2ct1/BlazeEngine/Sprites/clipboard.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/LeftWingIcon.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Avatars.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_CalibrateFBT.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Emojis.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_GoHome.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_InteractionPauseWithState.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Respawn.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Safety.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_SelectUser.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Social.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_ViewGroups.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_Button_Worlds.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_SitStandCalibrateButton_off.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/Menu_Dashboard_SitStandCalibrateButton_on.png
.png
ReIn2ct1/BlazeEngine/Sprites/default/RightWingIcon.png
.png
ReIn2ct1/BlazeEngine/Sprites/logo.png
.png
ReIn2ct1/BlazeEngine/Sprites/nameplate.png
.png
ReIn2ct1/BlazeEngine/Sprites/off.png
.png
ReIn2ct1/BlazeEngine/Sprites/on.png
.png
ReIn2ct1/BlazeEngine/Sprites/trash.png
.png
ReIn2ct1/BlazeEngine/config.bin
ReIn2ct1/BlazeEngine/loading.assetbundle
ReIn2ct1/License
ReIn2ct1/MainMode.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\SDK\reBE4v\ReDrive\MainMode\obj\Release\MainMode.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/Modules/BetterLoadingScreen.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\BetterLoadingScreen\obj\Debug\BetterLoadingScreen.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/Modules/BlazeEngineUpdate.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\BlazeEngineUpdate\obj\Debug\BlazeEngineUpdate.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/Modules/FlipScreen.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\FlipScreen\obj\Debug\FlipScreen.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/Modules/Spoof_HWID.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\BlazeBest\Desktop\SDK_v2\VRHustlerTest\Spoof_HWID\obj\Debug\Spoof_HWID.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/ReIn2cs.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/ReIn2ct.exe
.exe windows:6 windows x64 arch:x64

4c86e01e2ea79535d96ef03e053129a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\SDK\reBE4v\ReDrive\x64\Release\ReIn2ct.pdb

Imports

kernel32

GetCurrentThreadId
GetModuleHandleA
GetLastError
CloseHandle
GetProcAddress
DeleteCriticalSection
GetCurrentProcessId
GetTempPathW
K32EnumDeviceDrivers
ReadFile
TerminateProcess
LoadLibraryExA
OpenProcess
CreateFileW
CreateFileA
K32GetDeviceDriverBaseNameW
LoadLibraryA
LoadLibraryW
GetFileSize
FreeLibrary
SetUnhandledExceptionFilter
FormatMessageA
GetLocaleInfoEx
FindClose
FindFirstFileW
GetFileAttributesExW
InitializeCriticalSectionEx
VirtualAlloc
DeviceIoControl
VirtualFree
Sleep
SetFileInformationByHandle
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
IsDebuggerPresent
OutputDebugStringW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
LocalFree

user32

FindWindowA
SetWindowsHookExW
SendMessageA
UnhookWindowsHookEx
GetForegroundWindow
MessageBoxA
ShowWindow
MessageBoxW
GetWindowThreadProcessId

advapi32

RegCloseKey
RegDeleteTreeW
RegCreateKeyW
RegOpenKeyW
RegSetKeyValueW

msvcp140

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??7ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?good@ios_base@std@@QEBA_NXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?id@?$ctype@_W@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1_Lockit@std@@QEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ

ntdll

RtlImageNtHeader
RtlInitUnicodeString
NtQuerySystemInformation

mscoree

CLRCreateInstance

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memcmp
__std_exception_destroy
__std_exception_copy
__std_terminate
memmove
memset
__C_specific_handler
_CxxThrowException
__current_exception
__current_exception_context

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_get_stream_buffer_pointers
_set_fmode
_fseeki64
fread
fsetpos
ungetc
getchar
__p__commode
fputc
setvbuf
fgetpos
fwrite
__stdio_common_vfwprintf
fflush
fgetc
fclose

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file
_wremove

api-ms-win-crt-string-l1-1-0

_stricmp
strcpy_s

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_initterm_e
exit
_get_initial_narrow_environment
_exit
_set_app_type
_initterm
_register_thread_local_exe_atexit_callback
_c_exit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_exe
_cexit
terminate
__p___argc
__p___argv
_invalid_parameter_noinfo_noreturn
system

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
_configthreadlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReIn2ct1/mm.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\SDK\reBE4v\ReDrive\MainManager\obj\Release\MainManager.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 956KB - Virtual size: 956KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 14KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 868B

.reloc
Size: 512B - Virtual size: 12B