PUP.Gamehack.EHBA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Gamehack.EHBA
Signature status:	No Signature

Known Samples

MD5: 388408213403f30551fe07fab227e364

SHA1: 52b519936101420412c1bffac9ac3501b072e0e9

SHA256: DFF7EF70B6BAABCE08DD37186ABCABEE108E756BCCDA246B27DCB0F632CAC2F5

File Size: 2.20 MB, 2198528 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have security information
File has exports table
File has TLS information
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)

IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

dll
imgui
x64

Block Information

Total Blocks:	11,027
Potentially Malicious Blocks:	605
Whitelisted Blocks:	8,941
Unknown Blocks:	1,481

Visual Map

0 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 x x x x 0 ? x x x x x x x x 0 ? x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 ? ? ? ? ? x x ? ? ? ? ? ? ? 0 ? 0 ? ? 0 0 0 0 0 ? 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 ? 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 x 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 x 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 ? 0 ? 0 0 0 0 0 0 0 0 0 x ? x 0 0 0 x 0 x 0 0 x x 0 0 0 0 0 0 0 0 ? 0 0 ? 0 1 0 0 0 0 ? x 0 ? 0 0 ? 0 0 0 ? 0 x x 0 0 ? 0 ? ? 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Gamehack.EHBA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Windows API Usage

Windows API Usage

Submit Comment

Trending

Gadssmart.com

Virus.Expiro.LC

Trojan.MSIL.Spy.Agent.JA

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen