PUP.Gamehack.KFA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Gamehack.KFA
Packers:	UPX!
Signature status:	No Signature

Known Samples

MD5: ff5476636d3b9be3f2df8c7c6d31854b

SHA1: e192565a70cf0781053f62db9e36beb938b2bd8c

SHA256: FF2F0A3C3D7ADD7B848967EBB8D73FD47235997B21B39C2F4844E18370018A9F

File Size: 363.01 KB, 363008 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have security information
File has been packed
File has exports table
File has TLS information
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

dll
imgui
packed
x64

Block Information

Total Blocks:	2,696
Potentially Malicious Blocks:	174
Whitelisted Blocks:	2,161
Unknown Blocks:	361

Visual Map

x x 0 0 0 0 0 0 0 ? ? 0 0 0 ? 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 x 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x 0 0 x 0 x 0 0 0 0 0 0 x x 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 x 0 0 0 x 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 x x x 0 x x 0 0 0 0 0 ? 0 0 0 0 ? 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 0 x x 0 x 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 x 0 x x 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 0 0 0 x 0 0 x 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 0 0 1 x 0 0 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 1 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 x 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 x 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x x 0 0 0 0 0 x 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x 0 0 0 0 0 0 0 0 0 0 0 x ? 0 x 0 x x x 0 x 0 0 x 0 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 0 0 0 x 0 x x x 0 0 0 x x 0 0 0 0 ? x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 x 0 0 x x 0 0 0 ? ? 0 ? ? x x x 0 x 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x ? 0 0 0 0 0 x 0 x 1 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 x 0 0 0 0 0 0 0 0 ? ? 0 ? 0 ? 0 x 0 ? ? 0 ? ? 0 ? ? ? 0 ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 x 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 0 0 x x 0 x 0 0 x x x 0 x 0 0 0 0 x 0 0 0 x 0 x 0 x x 0 x x x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 1 0 0 ? ? 0 0 ? 0 0 0 0 0 ? 0 0 ? ? ? ? ? ? ? ? ? 0 ? ? 0 ? ? ? 0 ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? 0 0 ? ? ? ? ? ? 0 ? 0 ? ? 0 0 ? ? 0 0 ? ? ? ? ? 0 0 0 ? ? x 0 0 ? ? ? ? 0 ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? 0 ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? 0 ? ? ? ? ? ? ? ? ? 0 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? 0 ? ? ? ? 0 ? ? ? 0 ? ? 0 0 0 0 0 ? ? 0 ? ? 0 ? 0 ? ? ? ? ? ? 0 0 0 ? ? ? ? 0 0 0 ? ? ? ? ? ? ? ? 0 ? ? ? ? ? 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 ? 0 0 ? x 0 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 ? 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 ? ? ? ? 0 0 0 0 0 0 0 0 ? 0 0 0 0 ? 0 0 x x 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 ? 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Gamehack.KFA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Windows API Usage

Windows API Usage

Submit Comment

Trending

Ads by Customer Promos

Trojan.Kryptik.WG

STOX-C.Trojan

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen