PUP.Gamehack.GAIA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Gamehack.GAIA
Signature status:	No Signature

Known Samples

MD5: 2a18b001fdf77a37d7724ccb08254cff

SHA1: faf662bdbf3091a598e54780bf38fdd45cbcbe1d

SHA256: E89CA0E3E6DBB7FCF7D14C36C5BEF140E279F1463BACD5DA967709B3DA917E51

File Size: 499.20 KB, 499200 bytes

MD5: 0ca33e45cdd66d558982139358ef255e

SHA1: 7066bc179ab37c3f265da6ec9aa7968dfeb6cf1d

SHA256: A29AEE60E510A84139D541C1710CB3054B6ED4CBD4ACDF4458B411D4301E35BB

File Size: 633.86 KB, 633856 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have security information
File has exports table
File has TLS information
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)

IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name	Value
Company Name	ermaccer
File Description	A plugin for UMVC3 MK1Hook
File Version	0.5.0.0 0.2.0.0
Internal Name	MK1Hook UMVC3Hook
Legal Copyright	Copyright (C) 2023
Original Filename	MK1Hook UMVC3Hook.asi
Product Name	MK1Hook UMVC3Hook
Product Version	0.5.0.0 0.2.0.0

File Traits

dll
imgui
x64

Block Information

Total Blocks:	1,756
Potentially Malicious Blocks:	95
Whitelisted Blocks:	1,501
Unknown Blocks:	160

Visual Map

? ? ? ? 0 ? 0 ? ? ? ? 0 ? ? ? ? 0 0 0 0 0 0 0 ? ? ? ? 0 0 ? ? 0 0 ? 0 0 1 0 0 0 1 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x ? x 0 x ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 ? ? 0 0 0 x 0 0 0 0 0 0 0 1 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 x 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 1 0 x 0 0 0 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? 0 ? ? 0 0 x 0 0 x 0 x 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x ? 0 ? 0 0 ? 0 ? ? 0 0 x 0 0 0 x x 0 x x 0 0 0 x x ? 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 0 ? ? 0 0 0 0 0 0 x 0 0 0 0 ? 0 0 0 0 0 x 0 0 0 ? x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 x 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 ? 0 x 0 0 0 ? 0 0 x 0 0 0 0 0 0 0 ? 0 0 0 0 x ? 0 0 x ? x 0 x x 0 x x x 0 0 x 0 x 0 0 0 1 0 x x x 0 0 x 0 x 0 0 x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x ? x ? 0 x 0 0 0 0 0 0 0 x x 0 0 0 0 x 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 x x x 0 0 0 x x x 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 ? x 0 0 0 0 ? ? ? ? ? 0 ? 0 0 0 0 ? ? 0 0 ? ? 0 0 0 ? 0 0 ? 0 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? 0 ? ? 0 0 ? ? 0 0 ? ? ? ? ? 0 ? ? ? 0 x ? x 0 0 0 0 ? ? ? ? ? ? ? ? 0 0 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? 0 0 ? 0 ? ? 0 0 ? ? ? ? ? 0 ? 0 ? ? ? ? ? 0 ? ? 0 ? x 0 ? ? ? 0 ? ? 0 0 0 0 0 0 0 ? 0 ? 0 0 0 ? ? ? ? 0 ? 0 ? ? 0 ? 0 0 0 0 0 0 0 0 0 ? ? ? ? ? ? ? ? ? ? 0 ? ? 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Gamehack.GAIA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Windows API Usage

Windows API Usage

Submit Comment

Trending

Adelorn.com

Trojan.Fuery

Trojan.MSIL.Dropper.T

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen