Multi-License Discount Quote

Change Region

English
Threat Database Hacktool Hacktool.GameHack.CE

Hacktool.GameHack.CE

By CagedTech in Hacktool

Threat Scorecard

Popularity Rank: 822
Threat Level: 50 % (Medium)
Infected Computers: 9,517
First Seen: September 1, 2021
Last Seen: April 13, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Hacktool.GameHack.CE
Signature status: No Signature

Known Samples

MD5: b3d4ed2021f599718916f4307af652d5
SHA1: 8f60839d7dc27d56ef977b220bc239612f32aeff
SHA256: 9FC0D466D86CB1E93A9A7F048501D3D64F8C5984AEA11625A683B989206CB1A4
File Size: 302.59 KB, 302592 bytes
MD5: 3b472135c678ed62e4a0d447e256426f
SHA1: c54b91246bed1fe4363868ccf978bff697df0148
SHA256: 5786B9CB99F713AB9276B5485D4BBC436C9B5F1BBFE6D84916C16FE9740A7230
File Size: 3.64 MB, 3640320 bytes
MD5: 184144109c7d841d08efed6672f5795e
SHA1: 87522f0d960ad7fc4cc90bb5ffc3449b4a79cc2b
SHA256: 8D6FB63B8158E8F094F4FC664BF3A3C95EE8F4E0CFC4BBE27EF746F55D10FF70
File Size: 238.59 KB, 238592 bytes
MD5: a865199c4fbcf3d24af289bd9da9a42a
SHA1: 132fb1a91cecb7b73f6d07da8d71a96aa866d9af
SHA256: 5F8B6AFEE9FBB18EBDA4B288E3373ECE90C9F7E12E9E56A058C627D466FB90A1
File Size: 6.24 MB, 6237184 bytes
MD5: 085c4a0cf1d23816ac4ed8f16fce60cc
SHA1: db217ccaa3bb3b86a75a744712cc71eae4151d28
SHA256: 5B2E51C24488E26E8ACBFAF577FAE8629CCB412CA230E063C2E3CCA1DABD7288
File Size: 250.88 KB, 250880 bytes
Show More
MD5: 203e4f0236efcd155a88bb355126057c
SHA1: ffabf3484fcc3e64ab25d33713dbd662fad0e27c
SHA256: 79AAFF07727CC6AD83E06834B2B1020D8F3DC72C41144E28A674F37AB68182F1
File Size: 263.17 KB, 263168 bytes
MD5: b4ef341493d454b048cc117cfce79ed2
SHA1: 1e51977a084681b9875625a1998297dbb2022c75
SHA256: 14938561FFC10DF224A94E9B54E27559D33BD2E5A479BCE077A93532B1B64F51
File Size: 2.22 MB, 2222592 bytes
MD5: 5a6473cde6ad458424193afb80b91718
SHA1: 8653f236af8b5b1305f7ddfd493758ee8095353d
SHA256: 666EF2C11FFC30A861F38C263E51878348CAC5B979E3BBE0ED4726950C9C458F
File Size: 279.04 KB, 279040 bytes
MD5: 3d92365898366d3166d3a0344e26abc9
SHA1: 9cdb363187f7bb75e89bf0f88e52d435fdbd9107
SHA256: A3889B479ADAFAAC250F5696436A96F210E6BB44532F96390C0023B8C4445499
File Size: 316.93 KB, 316928 bytes
MD5: b062715834f21434a76e46999af3c9c3
SHA1: d8ea79463f9fc469898bc132d158b0fb4d5c86ae
SHA256: 44C83D624060DCD5B8E91DC320BCF11567A6E34E3E904D085D05BA2FD25EDC38
File Size: 244.22 KB, 244224 bytes
MD5: 327a413e61363bed61a2e6ed2fcda8f2
SHA1: e7b6434eb15ec57ab81a5fd26312b852e028731e
SHA256: 0949312DA56F0A2F009B27A690B22396EE8BFBCE1A64694A99ED1B2785FB8FBE
File Size: 3.09 MB, 3091456 bytes
MD5: 5b8347da9b3a6731328d1cb97f2aea53
SHA1: b216f11fb66ab690ed33baac5a6fe85b30c71180
SHA256: 76BA6D0AB22084BB1C2615DC7873EDD49A3FDB5677692AF15991A6ED58EDED84
File Size: 162.82 KB, 162816 bytes
MD5: 0c3ca2df31f3f7ba145f3c7792d67fcf
SHA1: f587dfa43715afd0ea2b2604c05c6a35523155a5
SHA256: CC119F46C014AE0DD905F3EB5425DB8174F482A4CC6DF051D92FAA3C48E46905
File Size: 3.31 MB, 3311104 bytes
MD5: 5a439de93fbdf9ae149f8b4ca38f4eeb
SHA1: ddbca8a42de6f46ceb39fd149dcf4495d89c6b47
SHA256: B8058283B52D50D87187CD8E5B3D38D306886E588081A90EAEF613EC3EAB0591
File Size: 172.03 KB, 172032 bytes
MD5: e66c88a697c6b3d7c6d53598981ec66b
SHA1: 75347329ae9af8ad0ca1ebf03189f516b606ecf6
SHA256: 3BE5125C1DD4C16B7E2AF748ECB3A7C011E3AF8C2AA6A62B1BD99276578327F7
File Size: 385.54 KB, 385536 bytes
MD5: b8ad9745e19f055a29443a47c600c438
SHA1: 337b3be8b08b473de86bcb3dce2e3f1ce3d79096
SHA256: 2CC6B8232725DB1718C4C11F9AF2A81F990D4EB6C052D5065BCB2A7E7CE7CC34
File Size: 857.09 KB, 857088 bytes
MD5: 4e57433d63d272b95143fe209f59406d
SHA1: e4e796076680135530dabbbd4535a393507a0097
SHA256: 68688B1C6008B0218B55700034F0450482E9813197019A5E9C367DECFA219E8F
File Size: 253.95 KB, 253952 bytes
MD5: 3097979fd5eb8ce9ab7fcc37a0cc2152
SHA1: 7303a17a8cbe5e554b4cf1466ce45cf854066c81
SHA256: A7479BE5CF2E1369E0133CFD8CFABC40F06B472AE600852FDAEB5AE82B17ECF2
File Size: 223.74 KB, 223744 bytes
MD5: 16954a245442ec65b715c1fb9ca8f03a
SHA1: 68f4e61f36a598765e8e30b0cd7e44e679c40eb0
SHA256: 3C5E44831B306207BC0C91B202084FCB3ABCD2D6E3A6675D5C6AA46E97469DBB
File Size: 603.65 KB, 603648 bytes
MD5: fd68b6759a4b1e57781d702d053c65df
SHA1: b331d507ef9aed0f1e0bb591ecf3e3400d9c94a4
SHA256: FA179FAF301BC1D03C91147AEE123098C723F9DA545D126A322AC738C25F8635
File Size: 331.26 KB, 331264 bytes
MD5: 0ef4db432a421a069e28c5d43d635687
SHA1: 1a71a47ef1fd0f3835721a2bbd9dfe4d1636c346
SHA256: 8A62C4BC39390673973EFEA78EF3B580598A120B0E32B2EACB05717191C3E561
File Size: 518.66 KB, 518656 bytes
MD5: 02adf2bb8be498d70019708ef7f10b8a
SHA1: 97a8a2d460cf61a66a455e55d2a4aaf3f7706760
SHA256: 82B9CD3AD7563EB7FA5FC8F4DF5C66E8630223811D694B967217E306D5B34159
File Size: 413.18 KB, 413184 bytes
MD5: b4871ebaa9f19780fc6e68bc49b55abf
SHA1: 1b7993346443dce0721ed7b218fd2d31c5767fd2
SHA256: 9FD3BE4CF7C250C5C2B6970D4FBC36E4734CBAB3056C7CAFEF61CD7263946C7C
File Size: 632.32 KB, 632320 bytes
MD5: 352f26d982f88d6029296fc81460f52d
SHA1: a15e92b2ba4032b401f30f4769d60af431e7252a
SHA256: 442DB8E8BD000D3CF7554EA708929B01FD331A5AFE4B0FCAB505B2F263306FEA
File Size: 299.01 KB, 299008 bytes
MD5: 5c2fa7aceea69b9775763712c4df900a
SHA1: a8feedee03431de450914b64e1df87a7c834270a
SHA256: 4A3FB2B8DA5590F8BC327EB29FB2D08CEE3987124ED25830E317980167BFF59A
File Size: 3.37 MB, 3368448 bytes
MD5: 18ff73b1e62884cb810b432acb9dcad9
SHA1: d34b1397b25397433639915610f40ea8f79153d8
SHA256: D295AD08C228BFA4D326B2931E14790381E43EF6F8369B729F39A9D18F00AD6D
File Size: 281.09 KB, 281088 bytes
MD5: 215ea63b74eeff88cdeb6cb2023a6459
SHA1: ac93831bfb093209ab08638affc5a77c85ca0a48
SHA256: 7B93FC2F8268DA734105C0CF55AB03309A405D54FC18EB39297924EFF3D7D31B
File Size: 159.23 KB, 159232 bytes
MD5: 868b909285c216309eeb1811999d3077
SHA1: 1741c1eb9dd12a034c1e04d73ccb4e288ec91149
SHA256: 5ACE64BD0E4B1A5DEF6EB3030F571E7DBFF7CBEA7175187552CC4D9E6B876567
File Size: 323.07 KB, 323072 bytes
MD5: bd3e700b00e6fcb5cedf79cb01b05f4d
SHA1: 9abc9e9fb9a1f10590bc30e54bdf7c913b41ebf8
SHA256: 419B01CAAC7A21F5F5B328038BC21795AD24A7CB1E47769E96E43E7EE29C4734
File Size: 4.40 MB, 4397056 bytes
MD5: 2f2d5f11832fa6790e7282e49b1e61de
SHA1: a350d8490540cfd41451d9aaf29a2fa02d242fac
SHA256: 7392735F93AD5618BE3C2A10621262150DAFFED59AEC93C9E285AD75E7739DC8
File Size: 251.90 KB, 251904 bytes
MD5: 5b6f346eee6ae2ac4f8a686e1017e09c
SHA1: 0901a8aef7e8f4bf7ab1a0d6467274db636c6427
SHA256: 214B807948DC737223B6AC9880FF8E0B4EE7F332F1919B593FC6A498CDB94880
File Size: 3.37 MB, 3368960 bytes
MD5: e73725d2d85ea2265fdd4b5921f652f1
SHA1: 5d6862eb968806d956d3c9b921d7eca002dad838
SHA256: 5D4CE3F3F45F995378600A051E2A1C5B4A46113FC8467CCF4E9246D1DA8D3080
File Size: 578.05 KB, 578048 bytes
MD5: d723226bd7738d076cdfa96443d2bc1f
SHA1: c4e6264dc56e404696c080569b99166987954c3e
SHA256: 0AA1C60EEA50E31C61DCA4A6B63FA957939CC5BD6930E9ECFD82EFCFF7AB719B
File Size: 416.77 KB, 416768 bytes
MD5: d3997c341313b9bc868f4d8f00712ba8
SHA1: 28ef1a6c4ea4f73fcde6d067750bca505924a012
SHA256: B514E82BB32A1D142FF93EFE75306395F40BCF1086D6ED6FA8024581E820D543
File Size: 399.36 KB, 399360 bytes
MD5: 87c6882d5b94c0a2add4f405422c8192
SHA1: 262f04735b2fe0c22cafc64f931537a7ea8b022b
SHA256: CAE2217901F08995702D5F37DA20AB369A668B7EB5E9BE5373965B6F619EB82D
File Size: 174.59 KB, 174592 bytes
MD5: b4cbf965570bc1d82c5fdd7f7050c4d9
SHA1: 3a493d21a75e6f40e0fcf5c6892888f30ffeb6c6
SHA256: 5C468C34BFB2316CCDA04E670B3A66B9C1383C1FBDF7EC54D0C229C700927D0D
File Size: 256.51 KB, 256512 bytes
MD5: 63cf9f544721db3b0c879549595c31a0
SHA1: ec8826ac32810ba3873f34b3789803f5f8d64941
SHA256: 91B0DB44B1CF58037C62D2D77919C9E106151B5226462ED2D742B5A591B58813
File Size: 434.18 KB, 434176 bytes
MD5: 9a6140546b8fac1bd62ac05e41cedec4
SHA1: b83c35b167bf993312e5b0b96e165af6bdcb8d8e
SHA256: 267B759D12CCFB9155BC098C6D892CE334D314FAC4776B5777B0D8BD7A68C441
File Size: 5.00 MB, 4998639 bytes
MD5: 39a9e7dd645c58cbcd9470383f5e94e9
SHA1: accdc3f692988f9b54236002b5acf0b15941e66b
SHA256: 459E0E4F53283A53197EA48F8009AAF3F0C2F7E62015F935F205D968BE374A44
File Size: 3.37 MB, 3369984 bytes
MD5: a922ef6a788e2d1d55ae42a6249efe6c
SHA1: 61eb743698a160752cfe0471e8badf38720b1701
SHA256: 2A99A1A65B0BCEC036CD9B901FC4E598CC89F2088219BCF3DCD8366A0CC9C240
File Size: 520.19 KB, 520192 bytes
MD5: bad7631a252d5b0cc98a65d01fb7317c
SHA1: 50f014ba7d8e09f594c68b60eed753eb0d94dde9
SHA256: 4D3E676588315DB1CF7C38A9DF9CC2CD8A60C3BE009B3C55C177761E16A7AFF9
File Size: 519.17 KB, 519168 bytes
MD5: 01e4d1d79d3a3c973733a62d8fd89262
SHA1: 92354ad75d5d3d21416419ddc9bb35bdbb6c8a8e
SHA256: 034A40A443EAE9AE27D01E0FC6F8CF13249E791F2C3F88CBC783C4C97D83CFF2
File Size: 280.58 KB, 280576 bytes
MD5: de261579f21d22a93719d707f1dee82c
SHA1: d85902b6cd87d0f5877db1c69c5397177541af38
SHA256: 139418120D1549EFB3F4F5EFBA2630703408A82B9717B3ED810281AE5EC8AB83
File Size: 298.50 KB, 298496 bytes
MD5: 3ab82c03466219ce5412353b66c63ded
SHA1: bcf0cb64663e0f1170798185c150ec8698cf42f6
SHA256: 0CCF63F3F24936EE2DCE6BA748F3F818007D29D5ABEB4EA3EFBEDE151B01766C
File Size: 803.40 KB, 803397 bytes
MD5: 30fb9cf3f1d802cd7a4f9d6689554621
SHA1: 9bc3524d9fad9f9d24a9f886d5b4f82c1bc4b714
SHA256: 6FFC2D3E8382601D29D41C7F91E351FBDA4D701E387AF4FC5FD61C52AFF32474
File Size: 614.91 KB, 614912 bytes
MD5: 8a8f9a844b107c5495b3d89d833c6bc9
SHA1: 47b5a2c20b74872ec0859d790c27651f8c94ee7b
SHA256: 27281CA69172CB4FE04A162B6DD5BDFD837161B2B5EF0DAE142F8B7F51BF3FEE
File Size: 385.02 KB, 385024 bytes
MD5: 9860f57a938b1fa13a26d4aecab1a94f
SHA1: 62f46405b3725429f47b76e31a9ca35c0cf5dacf
SHA256: 9DFCAE690E4DC8D5740E62DD02BE67461F3085A98816C49418EC1FC54D01FAE2
File Size: 263.17 KB, 263168 bytes
MD5: 719504ddc3410946b87ba659f5fe55e3
SHA1: 1d58ee911e56e930385041aafa9b8042164de425
SHA256: 777A78A9529C310D4D0B2A13DA783483C92C71CB6D8FFB612AE96198EE20BE9B
File Size: 324.61 KB, 324608 bytes
MD5: 9f1c2888ffec876329978e54c091f86f
SHA1: cd0da907ef9ebb1e862a68611d935f6b48a28a0e
SHA256: 54B0991E1549B52C44AFABEDDFE3865A6BD26392952BF5D5766FE8A17CB708A6
File Size: 250.37 KB, 250368 bytes
MD5: e78ffaf31cc3caa12f3b36de93fafb4b
SHA1: a5e8ba11d51c70886960d43bf0a287677009ce27
SHA256: 6A29D722895CFFA24784EB6F708BAA9CBAB0E078BB6387E033EE45DD736DB942
File Size: 433.15 KB, 433152 bytes
MD5: 27b7b098e10ab7dccb9b768cd86689eb
SHA1: 12250adba6d657c16691107ec3f6798644d401bc
SHA256: 22519D35E2639F01A5711E20EBDA3BB61C98A21F171777FC33671C7530D1299D
File Size: 367.10 KB, 367104 bytes
MD5: 50324279dc0d85c5a3e99be57a206c4b
SHA1: d48e325ac8bbd34ed5acf73be9e1e9d809d45895
SHA256: 42F32B1F5145B6ACF106F6A89ADFD7F35BAAAAED00ED1DA3309F79BDB1E9A84A
File Size: 279.04 KB, 279040 bytes
MD5: 0baac62157c01c6dc16211dee46de307
SHA1: f36801d6c22eb7577f3cfcc617be8970f65a5f5f
SHA256: 15A97D47D492880EC24B89D427385351811C9AB43423445517602E7A08C9301A
File Size: 385.54 KB, 385536 bytes
MD5: 04747efb88ac29a6b2a6d8779e68ec5c
SHA1: bcc7cdf33b24209412734e03420a0824a9044543
SHA256: ED95BF67D360D11A3FB7A95B64644D551F1B9502480C5BABF47A82727C7343FF
File Size: 4.21 MB, 4211530 bytes
MD5: b51bff67a06dbfff14421382d5ee5fb4
SHA1: 409dc9b9107b1d02ca7fba8c4977ad6f54ea697b
SHA256: E71795B39C98B8D1A64D7A54D5F2A8610BBA5BDAF0572E22C5FAF27E081DBCB6
File Size: 312.32 KB, 312320 bytes
MD5: eaccf78d0cbd316be189341a23f9ad6f
SHA1: a245b0f9aa494637c1c15c1d58151255045dc9f2
SHA256: 5CB8A3942EFF2762A6E0D1B6A808E158EB66284F6DA5008692F8F53ECB1A75DE
File Size: 244.22 KB, 244224 bytes
MD5: b29e813a316b85a74be4c903895530cb
SHA1: 4f3e3df1165d97d7362a084f0d40d665495e8097
SHA256: D9688D86AD054C57F910DBE72EFBAA12C8D3B8CAF37EB245B72989AC8162531C
File Size: 405.50 KB, 405504 bytes
MD5: e296fe91d79e871605b3f73080f288df
SHA1: 664eee3cefd84dea70b03cf057a3fc65552baa9a
SHA256: 343A7FCA2B5C02669532CF34CCF700C1E848D60ECC1EA3500C1E0ADC6E28BEAD
File Size: 299.01 KB, 299008 bytes
MD5: a24819a296f6826c099fdd401b919975
SHA1: 03360d71aac5c23567f6febcc42311f39edd5e90
SHA256: 4B8B0B17E2A95608B0E9D7DD08C410E1FEF3CB2F41D1C854C6E72D698A727266
File Size: 315.90 KB, 315904 bytes
MD5: 1762e97e926168e976b93aae791adf97
SHA1: b41d4aff3af86573b2cbaf639182d3d08d2fca9d
SHA256: D895AD666DEDEC0962AE7DD5346A6EC28F2E52E5256603E846EB66FF1DC415C8
File Size: 249.86 KB, 249856 bytes
MD5: 11872b31b92c9788cb311700caa7ba4d
SHA1: 85a70e4519b79bd3a5f81da7539a8cc9930e2a09
SHA256: 5E99E484D036C507E8882E3B51D6751D36CD7B67F676E2F08C911E4492E16487
File Size: 1.56 MB, 1560064 bytes
MD5: f2c39d7d5c6f612d2e2f8647a129a6af
SHA1: aa77723119c67e7dd4a81c532d2be97d640b70d3
SHA256: DADCC7D33CCE0EBF5AFAAF6EE6550657A726FD0F35BBE4DEE8E602D7441A063C
File Size: 251.90 KB, 251904 bytes
MD5: 2ed5f213700934f9405a8f1b7343a761
SHA1: f82815c2d9cb91420531f638b563324a0671ab25
SHA256: 294DB86EB6E891E8A3D0A1A5DC4A7DF5E7FAA8F1FA9AD1BAE7B7B8A886A4CDF5
File Size: 4.20 MB, 4202496 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have resources
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
Show More
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Comments https://www.gta5-mods.com/tools/real-time-handling-editor
Company Name ikt
File Description Real Time Handling Editor for GTA V
File Version 3.0.1
Internal Name RTHandlingEditor.asi
Legal Copyright Copyright ikt (C) 2026
Original Filename RTHandlingEditor.asi
Product Name Real Time Handling Editor
Product Version 3.0.1

File Traits

  • big overlay
  • dll
  • fptable
  • HighEntropy
  • x64

Block Information

Total Blocks: 15,645
Potentially Malicious Blocks: 268
Whitelisted Blocks: 13,089
Unknown Blocks: 2,288

Visual Map

0 ? ? 0 ? ? ? ? ? ? 0 ? 0 ? 0 ? ? ? ? 0 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 0 0 ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? 0 0 ? 0 0 ? 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? 0 0 1 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? ? ? 0 0 0 0 0 1 0 0 0 0 0 0 0 ? ? 0 0 0 ? 0 ? ? 0 0 0 ? 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x ? 0 ? 0 0 ? ? 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 ? 0 0 ? ? 0 ? ? ? ? 0 ? ? 0 ? ? 0 ? ? 0 ? ? ? ? 0 0 0 0 0 0 0 ? ? ? ? 0 ? 0 ? 0 ? 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 ? ? 0 0 ? ? 0 0 0 ? 0 ? ? ? 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 ? 0 0 ? 0 0 0 ? 0 0 ? 0 0 ? 0 ? 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? ? 0 0 0 0 0 ? ? 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 1 ? 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 ? 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? x x x x x x x ? ? ? ? ? ? ? 0 ? 0 ? 0 ? ? ? ? ? ? ? ? 0 ? ? ? ? ? 0 0 ? ? 0 0 ? 0 ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? 0 ? ? ? 0 ? 0 ? ? 0 ? 0 ? ? ? ? ? ? 0 ? ? ? ? ? 0 ? 0 ? ? ? 0 ? ? ? 0 ? ? 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 x ? 0 0 ? 0 ? 0 ? 0 ? 0 0 ? ? ? ? ? x 0 ? 0 0 0 0 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 1 0 0 0 0 ? ? 0 0 0 1 0 0 0 1 0 0 0 0 ? x x x ? x ? ? ? x x x ? ? ? ? ? x x ? x ? x x x x x ? x ? x x x ? x ? x x x x ? ? x x x x x ? x x ? 0 ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? 0 0 ? 0 ? 0 ? ? 0 ? ? ? ? 0 ? 0 ? ? 0 ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? x ? ? ? x ? ? ? ? ? 0 ? 0 1 ? ? 0 ? ? 0 ? ? x ? ? ? ? ? 0 0 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? x ? ? ? ? ? x 1 ? ? ? ? 0 ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? 0 0 ? 0 0 ? ? ? ? ? 0 0 ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 0 0 0 0 0 0 0 0 1 0 ? ? ? ? 0 0 0 ? 0 ? ? 0 0 ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? ? 1 0 ? 0 ? 0 ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? 0 0 0 0 0 0 0 0 0 0 ? 0 0 ? 0 0 ? 0 ? ? 0 0 0 ? ? ? 0 ? ? 0 0 0 0 ? 0 0 0 ? 0 ? x ? ? ? ? ? ? ? 0 0 ? 0 ? 0 ? ? x ? 0 0 ? ? ? 0 ? ? 0 ? ? x ? 0 ? ? 0 ? ? 0 0 0 ? 0 0 0 ? ? ? 0 ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? 0 0 ? ? ? ? 0 x ? ? ? ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 ? x ? ? x x x ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? x ? x ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? x x x x x ? ? ? x ? ? ? ? ? ? ? x 0 x ? ? ? ? ? ? x ? ? ? ? x ? ? ? ? ? ? x ? ? ? ? 0 0 ? 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 ? ? ? ? x x x x x x ? x ? x x x x x x x x x x x x ? ? 0 0 0 ? ? ? x 0 x ? ? ? ? ? ? x ? ? x x ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? x ? ? ? ? ? 0 ? ? ? ? ? ? ? ? 0 ? 0 ? 0 ? 0 x ? ? 0 ? 0 0 ? 0 0 x ? x x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? x x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? x ? ? ? ? ? ? ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? ? ? ? ? ? 0 ? 0 ? ? 0 0 ? 0 x ? 0 ? 0 0 0 0 ? ? ? 0 0 0 0 0 0 0 1 0 0 0 ? ? ? 0 ? 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x ? 0 0 ? ? 0 0 0 0 ? ? ? ? ? ? ?
... Data truncated
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • AddUser.XB
  • Agent.AVA
  • Agent.FDK
  • Agent.FSL
  • Agent.GSDT
Show More
  • Agent.GSE
  • Agent.KFSB
  • Agent.KORD
  • Agent.LPAA
  • Agent.LPQ
  • Agent.LPSE
  • Agent.OGGB
  • Agent.OISC
  • Agent.TBD
  • Agent.UDC
  • Agent.XFM
  • Agent.XRD
  • BadIIS.D
  • BadIIS.G
  • BadIIS.I
  • BadJoke.XK
  • Brute.LDB
  • Brute.LDK
  • CobaltStrike.GDD
  • CobaltStrike.SSB
  • CobaltStrike.XLC
  • CobaltStrike.XLF
  • ComHijacking.A
  • Cymulate.C
  • Downloader.Agent.PLA
  • Downloader.FSB
  • Downloader.GDS
  • Downloader.JDC
  • Downloader.UA
  • Dropper.X
  • Exploit.X
  • Farfli.RE
  • Filecoder.XP
  • Gamehack.BEF
  • Gamehack.EBF
  • Gamehack.KPB
  • Gamehack.LCV
  • Gamehack.SDB
  • HackAgent.KI
  • Injector.FSD
  • Injector.LJ
  • KillWin.H
  • KillWin.I
  • Kryptik.CTD
  • Kryptik.CTF
  • Kryptik.DRSB
  • Kryptik.DSK
  • Kryptik.DTGC
  • Kryptik.FRJ
  • Kryptik.GSD
  • Kryptik.KOE
  • LockScreen.RB
  • Malex.N
  • PSW.Agent.FSA
  • PSW.Agent.KA
  • PSW.Discord.M
  • ShellCode.AZ
  • ShellcodeRunner.GUA
  • ShellcodeRunner.RDD
  • TinyNuke.D
  • Trojan.Agent.Gen.ABC
  • Trojan.Agent.Gen.ABH
  • Trojan.Agent.Gen.ADG
  • Trojan.Agent.Gen.AKZ
  • Trojan.Agent.Gen.APJ
  • Trojan.Agent.Gen.AQM
  • Trojan.Agent.Gen.ASB
  • Trojan.Agent.Gen.ATI
  • Trojan.Agent.Gen.AUW
  • Trojan.Agent.Gen.AWU
  • Trojan.Agent.Gen.AYB
  • Trojan.Agent.Gen.AYP
  • Trojan.Agent.Gen.BAJ
  • Trojan.Agent.Gen.BDG
  • Trojan.Agent.Gen.BFX
  • Trojan.Agent.Gen.BL
  • Trojan.Agent.Gen.BMI
  • Trojan.Agent.Gen.BNJ
  • Trojan.Agent.Gen.BSF
  • Trojan.Agent.Gen.FN
  • Trojan.Agent.Gen.KB
  • Trojan.Agent.Gen.LP
  • Trojan.Agent.Gen.PY
  • Trojan.Agent.Gen.SQ
  • Trojan.Downloader.Gen.DA
  • Trojan.Downloader.Gen.DD
  • Trojan.Downloader.Gen.RA
  • Trojan.Filecoder.Gen.CH
  • Trojan.Filecoder.Gen.CI
  • Trojan.Injector.Gen.FRA
  • Trojan.Kryptik.Gen.AVE
  • Trojan.Kryptik.Gen.ECY
  • Trojan.Kryptik.Gen.JB
  • Trojan.Kryptik.Gen.NU
  • Trojan.ReverseShell.Gen.AK

7 additional families are not displayed above.

Files Modified

File Attributes
c:\users\user\downloads\gtamodworld.log Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 悓⬉ʾǬ䠱O噀ñ቎ĤŁ傄ë횎ǜꂝʰ릣ʝ閾ʴ淃⟋ʪ柏ũߙĤᰂŁ鍂€ꩠŖÉ窵ň忶Ǥ対þ RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe 젘┖嚮ǜ RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 RegNtPreCreateKey
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe ࿟क꾚ǜ RegNtPreCreateKey

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateFile
Show More
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenMutant
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationFile
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetTimer2
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWorkerFactoryWorkerReady
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtWriteVirtualMemory
  • UNKNOWN
  • win32u.dll!NtGdiAnyLinkedFonts
  • win32u.dll!NtGdiBitBlt
  • win32u.dll!NtGdiComputeXformCoefficients
  • win32u.dll!NtGdiCreateBitmap
  • win32u.dll!NtGdiCreateCompatibleBitmap
  • win32u.dll!NtGdiCreateCompatibleDC
  • win32u.dll!NtGdiCreateDIBitmapInternal
  • win32u.dll!NtGdiCreateRectRgn
  • win32u.dll!NtGdiCreateSolidBrush
  • win32u.dll!NtGdiDeleteObjectApp
  • win32u.dll!NtGdiDoPalette
  • win32u.dll!NtGdiExcludeClipRect
  • win32u.dll!NtGdiExtGetObjectW
  • win32u.dll!NtGdiExtSelectClipRgn
  • win32u.dll!NtGdiExtTextOutW
  • win32u.dll!NtGdiFontIsLinked
  • win32u.dll!NtGdiGetCharABCWidthsW
  • win32u.dll!NtGdiGetDCDword
  • win32u.dll!NtGdiGetDCforBitmap
  • win32u.dll!NtGdiGetDCObject
  • win32u.dll!NtGdiGetDeviceCaps
  • win32u.dll!NtGdiGetDIBitsInternal
  • win32u.dll!NtGdiGetFontData
  • win32u.dll!NtGdiGetGlyphIndicesW
  • win32u.dll!NtGdiGetOutlineTextMetricsInternalW
  • win32u.dll!NtGdiGetRandomRgn

88 additional items are not displayed above.

Anti Debug
  • IsDebuggerPresent
  • OutputDebugString
Process Terminate
  • TerminateProcess

Trending

Most Viewed

Loading...