a1a8bde409ed75d94a0439c37cf881bc354b13c2f8cd32e4bef3b10f308f1392

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2025-Mar-22 17:59:14
Detected languages English - United States
CompanyName Alexander Blade
FileDescription GTA V ENHANCED *.asi plugin loader
FileVersion 1.0.0.2
InternalName asiloader.dll
LegalCopyright (C) Alexander Blade 2025
OriginalFilename asiloader.dll
ProductName GTA V ENHANCED Asi loader
ProductVersion 1.0.0.2

Plugin Output

Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExW
Suspicious VirusTotal score: 1/63 (Scanned on 2026-07-02 02:35:17) Cynet: Malicious (score: 100)

Hashes

MD5 5c5f65caf05eaf8168378934f7896498
SHA1 9c0123815df86533b02666b76e40d837c85482d2
SHA256 a1a8bde409ed75d94a0439c37cf881bc354b13c2f8cd32e4bef3b10f308f1392
SHA3 55e5ab2a7810c97f08f1b0aeeed262d6d248eae76e79b3718e9e129ff1d116a5
SSDeep 3072:DRnkxV24xCfAx2wRgTinxQSRRTkZiD6M9g+XquDVAZ:DRnkxV2tAngTinxLR9YYcKqz
Imports Hash 94effc1b893e3249b25978949218628c

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 6
TimeDateStamp 2025-Mar-22 17:59:14
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 12.0
SizeOfCode 0x13000
SizeOfInitializedData 0xfa00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000003CC4 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x180000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x25000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 07ca82114886fcdb7a66dfd2e154f277
SHA1 0ef9b869cd6152946a03b2eeac3d669bcfd8f453
SHA256 8331bc92f8fa6ff6e0faeb0599dac48ff6471f071324ce2398412d6c0e368f9e
SHA3 9b0bd13942356a4cdc58d199b7fa8112cfd42c1b5834fa3cd40b878d37099a3e
VirtualSize 0x12e4f
VirtualAddress 0x1000
SizeOfRawData 0x13000
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.46072

.rdata

MD5 9c9863d8811520c982b613e464799068
SHA1 63da120d00fd8bffec385c340c5acdb5e42cff05
SHA256 4c69fdb9a9282e7bc2c7119956c6dae7cd49789679ca0ce537f600db6e3e09b9
SHA3 c9dc8e9876b419b2d2887877ecc0a316483929d7d1272be92daa1fe46f15122b
VirtualSize 0x9a72
VirtualAddress 0x14000
SizeOfRawData 0x9c00
PointerToRawData 0x13400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.2085

.data

MD5 950244ac31371e96299bf67e20f31c8e
SHA1 3c0264ddf46e784cfaf06f5625ce71b3d031c806
SHA256 2bdcfba81a2ca50c3ffb441a987c0d271256c2eb7b2d19c7c45fef7c144659eb
SHA3 2484e8cbb4ae3a8d9130af49cbd3b8a67b3dbf621736aec8c2cff9fddf882187
VirtualSize 0x3fe8
VirtualAddress 0x1e000
SizeOfRawData 0x1c00
PointerToRawData 0x1d000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.05682

.pdata

MD5 28611ab7c40167aab788ec4ba96e144d
SHA1 a53c83b993861e118ca2159be8705bee18f8e38a
SHA256 3e64ce1ef8e1f66b0a6f8cd9281a5a85332c0c77689d4589b706b73b07d36488
SHA3 73841ba07b6d3309b5be9464b7b41a6b0f14111afa3b9edb71f2764f036ec11d
VirtualSize 0xfb4
VirtualAddress 0x22000
SizeOfRawData 0x1000
PointerToRawData 0x1ec00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.90922

.rsrc

MD5 c6b7695b908071eb9159ca63014c9c41
SHA1 1d40a6332fc322e87faac52e3791c44418a51250
SHA256 5a3cee4628d458e85fdfbe6d6e28043de0b7465b8bbf2d0540f985bf644a7e33
SHA3 21711d495befd3e5c3ce9fe60cf2e0a927ad957b12914d83e715c9c9bf080108
VirtualSize 0x540
VirtualAddress 0x23000
SizeOfRawData 0x600
PointerToRawData 0x1fc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 3.80121

.reloc

MD5 0556a10bfc12c7b47b8cfb51fb8b7d09
SHA1 3fc4bff0e72ea33492eb6df35871a24c273bafde
SHA256 11119842eef858b6c76ae90a477d6aa0f860dbdb00c86cea0bdafd9906904a72
SHA3 a0d27eed8761e694c7b9b455dbc134a23ee096769a444aa8b41316bbe61f4423
VirtualSize 0x7f8
VirtualAddress 0x24000
SizeOfRawData 0x800
PointerToRawData 0x20200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.37732

Imports

KERNEL32.dll GetSystemDirectoryA
GetProcAddress
LoadLibraryA
VirtualProtect
OutputDebugStringA
GetSystemTimeAsFileTime
FindFirstFileA
FindClose
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
GetLastError
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DeleteCriticalSection
RtlUnwindEx
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
HeapSize
GetStdHandle
GetFileType
GetStartupInfoW
HeapFree
CloseHandle
HeapAlloc
RtlPcToFileHeader
RaiseException
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx
SetStdHandle
WriteConsoleW
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
LCMapStringW
GetStringTypeW
CreateFileW
OutputDebugStringW
SetEndOfFile
ReadFile
ReadConsoleW

Delayed Imports

DllMain

Ordinal 1
Address 0x1060

XInputGetState

Ordinal 2
Address 0x1080

XInputSetState

Ordinal 3
Address 0x10a0

XInputGetCapabilities

Ordinal 4
Address 0x10c0

XInputEnable

Ordinal 5
Address 0x10e0

XInputGetBatteryInformation

Ordinal 7
Address 0x1100

XInputGetKeystroke

Ordinal 8
Address 0x1120

XInputGetAudioDeviceIds

Ordinal 10
Address 0x1140

XINPUT1_4_100

Ordinal 100
Address 0x1160

XINPUT1_4_101

Ordinal 101
Address 0x1180

XINPUT1_4_102

Ordinal 102
Address 0x11a0

XINPUT1_4_103

Ordinal 103
Address 0x11c0

XINPUT1_4_104

Ordinal 104
Address 0x11e0

XINPUT1_4_108

Ordinal 108
Address 0x1200

1

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x31c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40474
MD5 d3b72151d10e8943586909ef93013c5c
SHA1 8dec456dfa74281f777d72ef0851f3a699da27dc
SHA256 b14e9637592609eef99711748cb3f78deb3ea63d0a088294b818fdc8e6352ed9
SHA3 dc67464903737e551671680ba0b26ed49ae702ed08226fb68051c7c9474aa8ba

2

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.2
ProductVersion 1.0.0.2
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
FileType VFT_DLL
Language English - United States
CompanyName Alexander Blade
FileDescription GTA V ENHANCED *.asi plugin loader
FileVersion (#2) 1.0.0.2
InternalName asiloader.dll
LegalCopyright (C) Alexander Blade 2025
OriginalFilename asiloader.dll
ProductName GTA V ENHANCED Asi loader
ProductVersion (#2) 1.0.0.2
Resource LangID English - United States

TLS Callbacks

Load Configuration

Size 0x70
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x18001e000

RICH Header

XOR Key 0x1bc2a5a
Unmarked objects 0
C++ objects (20806) 48
C objects (20806) 122
ASM objects (20806) 12
Imports (65501) 3
Total imports 91
229 (VS2013 build 21005) 4
Exports (VS2013 build 21005) 1
Resource objects (VS2013 build 21005) 1
151 1
Linker (VS2013 build 21005) 1

Errors

[*] Warning: 94 invalid export(s) not shown.
Leave a comment

No comments yet.