| Architecture | IMAGE_FILE_MACHINE_AMD64 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_CUI |
| Compilation Date | 2026-Jun-18 14:30:57 |
| TLS Callbacks | 3 callback(s) detected. |
| Suspicious | Strings found in the binary may indicate undesirable behavior: Contains another PE executable: |
| Info | Cryptographic algorithms detected in the binary: Uses constants related to CRC32; Uses constants related to MD5; Uses constants related to SHA1; Uses constants related to SHA256; Uses constants related to SHA512; Uses constants related to AES |
| Malicious | The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports: |
| Malicious | VirusTotal score: 6/70 (Scanned on 2026-06-27 09:59:33). Antiy-AVL: RiskWare/Win64.Gamehack; ESET-NOD32: Win64/GameHack.XH potentially unsafe application; Microsoft: Trojan:Win32/Wacatac.B!ml; Sophos: Mal/Generic-S; Trapmine: malicious.high.ml.score; TrellixENS: Artemis!C31D2E7043ED |

| e_magic | MZ |
|---|---|
| e_cblp | 0x78 |
| e_cp | 0x1 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0 |
| e_ss | 0 |
| e_sp | 0 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x78 |

| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_AMD64 |
| NumberofSections | 6 |
| TimeDateStamp | 2026-Jun-18 14:30:57 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xf0 |
| Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE |

| Magic | PE32+ |
|---|---|
| LinkerVersion | 14.0 |
| SizeOfCode | 0x61b400 |
| SizeOfInitializedData | 0x3da600 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x00000000000013D0 (Section: .text) |
| BaseOfCode | 0x1000 |
| ImageBase | 0x140000000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 6.0 |
| ImageVersion | 0.0 |
| SubsystemVersion | 6.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0xa0d000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_CUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| KERNEL32.dll | AcquireSRWLockExclusive AddVectoredExceptionHandler AttachConsole CancelIo CloseHandle CompareStringA CopyFileExW CreateDirectoryW CreateEventW CreateFileA CreateFileW CreatePipe CreateProcessA CreateProcessW CreateRemoteThread CreateSemaphoreW CreateThread CreateToolhelp32Snapshot DeleteCriticalSection DeleteFileW DeviceIoControl DuplicateHandle EnterCriticalSection EnumResourceNamesW ExitProcess FileTimeToSystemTime FindClose FindFirstFileExW FindFirstFileW FindNextFileW FlsAlloc FlsGetValue FlsSetValue FlushFileBuffers FormatMessageA FormatMessageW FreeEnvironmentStringsW FreeLibrary GenerateConsoleCtrlEvent GetActiveProcessorCount GetCommandLineW GetConsoleMode GetConsoleScreenBufferInfo GetCurrentDirectoryW GetCurrentProcess GetCurrentProcessId GetCurrentThread GetCurrentThreadId GetEnvironmentStringsW GetEnvironmentVariableA GetExitCodeProcess GetFileAttributesA GetFileAttributesExW GetFileSizeEx GetFileTime GetFileType GetLastError GetLocaleInfoA GetLocaleInfoW GetLogicalDrives GetModuleFileNameW GetModuleHandleA GetModuleHandleExW GetModuleHandleW GetNumberOfConsoleInputEvents GetOverlappedResult GetProcAddress GetProcessHeap GetStdHandle GetSystemInfo GetSystemPowerStatus GetSystemTimeAsFileTime GetSystemTimePreciseAsFileTime GetThreadId GetTickCount GlobalAlloc GlobalFree GlobalLock GlobalMemoryStatusEx GlobalSize GlobalUnlock HeapAlloc HeapFree InitOnceExecuteOnce InitializeCriticalSection InitializeCriticalSectionAndSpinCount IsProcessorFeaturePresent IsWow64Process LeaveCriticalSection LoadLibraryA LoadLibraryExW LoadLibraryW LocalFree Module32First Module32Next MoveFileExA MoveFileExW MulDiv MultiByteToWideChar OpenProcess OpenThread OutputDebugStringW Process32First Process32Next QueryPerformanceCounter QueryPerformanceFrequency RaiseException ReadConsoleInputW ReadFile ReadProcessMemory ReleaseSRWLockExclusive ReleaseSemaphore RemoveDirectoryW RemoveVectoredExceptionHandler ResetEvent ResumeThread RtlCaptureContext RtlLookupFunctionEntry RtlRestoreContext RtlUnwindEx RtlVirtualUnwind SetConsoleCP SetConsoleMode SetConsoleOutputCP SetConsoleTextAttribute SetConsoleTitleA SetEnvironmentVariableA SetErrorMode SetEvent SetFilePointer SetFilePointerEx SetHandleInformation SetLastError SetNamedPipeHandleState SetThreadExecutionState SetThreadPriority SetUnhandledExceptionFilter Sleep SleepConditionVariableSRW SuspendThread SwitchToThread SystemTimeToFileTime SystemTimeToTzSpecificLocalTime TerminateProcess Thread32First Thread32Next TlsAlloc TlsFree TlsGetValue TlsSetValue TryAcquireSRWLockExclusive TryEnterCriticalSection VerSetConditionMask VerifyVersionInfoW VirtualAllocEx VirtualFreeEx VirtualProtect VirtualProtectEx VirtualQuery WaitForMultipleObjects WaitForSingleObject WaitForSingleObjectEx WakeAllConditionVariable WakeConditionVariable WideCharToMultiByte WriteConsoleA WriteConsoleW WriteFile WriteProcessMemory |
|---|---|
| api-ms-win-crt-stdio-l1-1-0.dll | __acrt_iob_func __p__commode __p__fmode __stdio_common_vfprintf __stdio_common_vfwprintf __stdio_common_vsnprintf_s __stdio_common_vsprintf _close _filelengthi64 _fileno _fseeki64 _fsopen _ftelli64 _fwrite_nolock _get_osfhandle _isatty _open_osfhandle _setmode _sopen _wfopen _write fclose feof ferror fflush fgetc fgets fgetwc fopen fputc fputwc fread fseek ftell fwrite getc putchar puts setbuf setvbuf ungetc ungetwc |
| api-ms-win-crt-runtime-l1-1-0.dll | _assert __p___argc __p___argv __sys_nerr _beginthreadex _cexit _configure_narrow_argv _crt_atexit _endthreadex _errno _exit _initialize_narrow_environment _initterm _initterm_e _register_thread_local_exe_atexit_callback _seh_filter_exe _set_app_type _set_invalid_parameter_handler abort exit signal strerror strerror_s |
| api-ms-win-crt-locale-l1-1-0.dll | ___lc_codepage_func ___mb_cur_max_func __pctype_func _configthreadlocale _create_locale _free_locale localeconv setlocale |
| api-ms-win-crt-heap-l1-1-0.dll | _aligned_free _aligned_malloc _set_new_mode calloc free malloc realloc |
| api-ms-win-crt-private-l1-1-0.dll | __intrinsic_setjmp longjmp memchr memcmp memcpy memmove strchr strrchr strstr wcsstr |
| api-ms-win-crt-string-l1-1-0.dll | _iswalpha_l _iswcntrl_l _iswdigit_l _iswlower_l _iswprint_l _iswpunct_l _iswspace_l _iswupper_l _iswxdigit_l _strcoll_l _strdup _strrev _strxfrm_l _tolower_l _toupper_l _towlower_l _towupper_l _wcscoll_l _wcsxfrm_l isalnum isalpha isdigit islower isprint isspace isxdigit mbrlen memset strcmp strcpy strlen strncmp strncpy strnlen strpbrk tolower toupper wcscmp wcslen wcsncmp wcsnlen |
| USER32.dll | AdjustWindowRectEx AttachThreadInput BeginPaint CallNextHookEx CallWindowProcW ChangeDisplaySettingsExW CheckMenuItem ClientToScreen ClipCursor CloseClipboard CreateIconFromResource CreateIconFromResourceEx CreateIconIndirect CreatePopupMenu CreateWindowExA CreateWindowExW DefWindowProcW DeleteMenu DestroyCursor DestroyIcon DestroyMenu DestroyWindow DialogBoxIndirectParamW DispatchMessageW DrawTextW EmptyClipboard EnableMenuItem EnableWindow EndDialog EndPaint EnumClipboardFormats EnumDisplayDevicesW EnumDisplayMonitors EnumDisplaySettingsW EnumWindows FillRect FlashWindowEx GetAsyncKeyState GetClassInfoExW GetClientRect GetClipCursor GetClipboardData GetClipboardFormatNameA GetClipboardSequenceNumber GetCursorPos GetDC GetDesktopWindow GetDlgItem GetDoubleClickTime GetFocus GetForegroundWindow GetKeyState GetKeyboardLayout GetKeyboardState GetMenu GetMenuItemInfoW GetMessageA GetMessageExtraInfo GetMessagePos GetMessageTime GetMessageW GetMonitorInfoW GetPropW GetQueueStatus GetRawInputBuffer GetRawInputData GetRawInputDeviceInfoA GetRawInputDeviceList GetSystemMetrics GetUpdateRect GetWindowLongPtrW GetWindowLongW GetWindowPlacement GetWindowRect GetWindowTextLengthW GetWindowTextW GetWindowThreadProcessId InsertMenuW IntersectRect IsClipboardFormatAvailable IsIconic IsWindow IsZoomed KillTimer LoadCursorW LoadIconW MapVirtualKeyW MessageBoxA MonitorFromPoint MonitorFromWindow MsgWaitForMultipleObjects OpenClipboard PeekMessageW PostMessageW PostThreadMessageW PtInRect RegisterClassExA RegisterClassExW RegisterClassW RegisterClipboardFormatW RegisterDeviceNotificationW RegisterRawInputDevices RegisterWindowMessageA RegisterWindowMessageW ReleaseCapture ReleaseDC RemovePropW ScreenToClient SendMessageW SetActiveWindow SetCapture SetClipboardData SetCursor SetCursorPos SetFocus SetForegroundWindow SetLayeredWindowAttributes SetMenuItemInfoW SetParent SetPropW SetRectEmpty SetTimer SetWindowLongPtrW SetWindowLongW SetWindowPos SetWindowRgn SetWindowTextW SetWindowsHookExW ShowWindow SystemParametersInfoA SystemParametersInfoW ToUnicode TrackMouseEvent TrackPopupMenu TranslateMessage UnhookWindowsHookEx UnregisterClassA UnregisterClassW UnregisterDeviceNotification ValidateRect |
| api-ms-win-crt-math-l1-1-0.dll | __setusermatherr _fdopen acos acosf asin asinf atan atan2 atan2f atanf ceil ceilf cos cosf exp exp2 exp2f expf floor floorf fmod fmodf log log10 log10f logf lround lroundf modf modff pow powf round roundf sin sinf sqrt sqrtf tan tanf trunc truncf |
| api-ms-win-crt-convert-l1-1-0.dll | _i64toa _itoa _ltoa _strtod_l _ui64toa _ultoa atof atoi mbrtowc mbsrtowcs strtof strtol strtoll strtoul strtoull wcrtomb wcrtomb_s wcstod wcstol wcstoll wcstoul wcstoull |
| api-ms-win-crt-time-l1-1-0.dll | _ctime64 _gmtime64_s _localtime64_s _mkgmtime64 _mktime64 _strftime_l _time32 _time64 strftime |
| api-ms-win-crt-multibyte-l1-1-0.dll | _mbtowc_l |
| api-ms-win-crt-environment-l1-1-0.dll | __p__environ getenv |
| WINMM.dll | timeBeginPeriod timeEndPeriod |
| ADVAPI32.dll | RegCloseKey RegOpenKeyExW RegQueryValueExW |
| ole32.dll | CLSIDFromString CoCreateInstance CoInitializeEx CoTaskMemFree CoUninitialize OleInitialize OleUninitialize PropVariantClear RegisterDragDrop ReleaseStgMedium RevokeDragDrop |
| SETUPAPI.dll | CM_Get_Device_IDA CM_Get_Parent CM_Locate_DevNodeA SetupDiDestroyDeviceInfoList SetupDiEnumDeviceInfo SetupDiGetClassDevsA SetupDiGetDeviceInstanceIdA SetupDiGetDeviceRegistryPropertyW |
| SHELL32.dll | CommandLineToArgvW DragAcceptFiles DragFinish DragQueryFileW SHBrowseForFolderW SHGetFolderPathW SHGetPathFromIDListW ShellExecuteW Shell_NotifyIconW |
| GDI32.dll | BitBlt ChoosePixelFormat CombineRgn CreateBitmap CreateCompatibleBitmap CreateCompatibleDC CreateDCW CreateDIBSection CreateFontIndirectW CreateRectRgn CreateSolidBrush DeleteDC DeleteObject DescribePixelFormat GetDIBits GetDeviceCaps GetICMProfileW GetPixelFormat GetTextExtentPoint32A GetTextMetricsW SelectObject SetPixel SetPixelFormat SwapBuffers |
| api-ms-win-crt-filesystem-l1-1-0.dll | _lock_file _mkdir _stat64i32 _umask _unlink _unlock_file remove rename |
| api-ms-win-crt-utility-l1-1-0.dll | qsort rand rand_s |
| OLEAUT32.dll | SysFreeString |
| IMM32.dll | ImmAssociateContext ImmGetCandidateListW ImmGetCompositionFontW ImmGetCompositionStringW ImmGetContext ImmGetIMEFileNameA ImmNotifyIME ImmReleaseContext ImmSetCandidateWindow ImmSetCompositionStringW ImmSetCompositionWindow |
| VERSION.dll | GetFileVersionInfoA GetFileVersionInfoSizeA VerQueryValueA |
| WS2_32.dll | inet_pton |
| bcrypt.dll | BCryptGenRandom |

| StartAddressOfRawData | 0x140a01000 |
|---|---|
| EndAddressOfRawData | 0x140a01050 |
| AddressOfIndex | 0x1409c6c20 |
| AddressOfCallbacks | 0x140937450 |
| SizeOfZeroFill | 0 |
| Characteristics | IMAGE_SCN_ALIGN_8BYTES |
| Callbacks | 0x00000001404543E0 0x00000001400FA2C0 0x00000001400FA340 |

| Size | 0x138 |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0 |