PUP.Gamehack.UFB

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Gamehack.UFB
Signature status:	No Signature

Known Samples

MD5: 8d9122470f652cb9d05326c61a53793f

SHA1: 1046a495db5bdf87982d01d5186f97a51a48fa63

SHA256: 15DC9A0FF085E5CADAED020C50D08F2332703CAD37BFECEAE64278F4E8D751DA

File Size: 5.09 MB, 5087744 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File has TLS information
File is 64-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)

IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

dll
imgui
x64

Block Information

Total Blocks:	9,994
Potentially Malicious Blocks:	234
Whitelisted Blocks:	9,567
Unknown Blocks:	193

Visual Map

0 0 0 0 0 0 0 x 0 0 x 0 0 0 ? ? 0 0 ? x 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 x ? ? ? ? ? ? ? ? ? ? ? ? ? 0 0 0 1 x 0 0 0 0 0 0 0 ? ? ? 0 ? ? ? 0 0 ? ? 0 ? ? ? 0 ? ? x ? 0 ? ? 0 ? 0 0 ? ? ? x x 1 0 0 0 0 ? 0 x x x x ? 0 x ? 0 x ? 0 x x 0 0 0 x ? 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 x ? ? 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 x 0 ? 0 0 ? 0 0 x 0 x 0 x x x 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 x 0 x ? x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? ? 0 0 0 ? 0 x x 0 0 ? 0 0 x 0 ? 0 0 ? x 0 0 0 ? ? ? ? 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? x ? 0 0 0 x 0 x x x ? x ? ? x ? ? ? ? ? ? ? 0 ? ? ? ? ? 0 ? 0 ? 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 x 0 0 0 0 0 0 x ? 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 ? 0 ? 0 x ? ? ? ? 0 0 x x ? 0 0 0 0 0 x 0 0 1 0 x 0 x 0 0 0 x 0 0 0 x 0 0 0 x x 0 0 0 0 x x 0 0 0 0 x x 0 0 0 0 0 ? 0 ? ? ? ? x x x 0 0 x x x 0 0 0 0 x ? x x x ? x ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? ? ? ? ? 0 ? ? 0 ? ? x ? x 1 0 0 ? 0 ? 0 0 0 ? x 0 x 0 x 0 0 ? 0 0 ? 0 0 0 0 0 0 0 0 0 0 x x x 0 x x x 0 ? 0 0 0 0 ? x 0 0 0 0 0 0 0 0 0 0 x 0 x x 0 0 0 0 ? 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 x x 0 0 1 x 0 0 0 0 0 x 0 0 0 0 x 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 ? 0 0 0 0 0 0 0 x 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 ? 0 ? x 0 0 0 0 0 0 0 0 x x 0 0 0 x 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 x 0 x 0 0 x 0 x 0 0 1 0 0 0 0 0 0 x 0 0 0 0 x x 0 0 0 0 x 0 x 0 0 0 0 0 0 x x 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 1 0 0 1 0 0 0 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 0 x 0 x x 0 0 0 0 0 ? x x ? 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 x 0 x 0 0 0 ? ? x 0 0 0 x x x x x x 0 0 x x 0 ? 0 ? x 0 ? 0 x 0 0 ? 0 0 0 x 0 0 0 ? x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 ? ? 0 0 0 ? x 0 x ? 0 0 0 ? 0 0 0 0 0 ? x x 0 x x 0 0 x ? 0 x x x x 0 x 0 0 0 x 0 0 0 0 x x 0 x 0 0 0 0 0 0 x 0 x 0 0 0 0 ? ? 0 x x ? x ? x 0 x 0 x 0 0 ? x 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x 0 x 0 0 0 x x 0 x 0 0 0 x x x x x x 0 0 x x 0 x 0 x 0 x 0 0 0 0 0 0 0 0 x x ? 0 ? x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? x ? ? ? ? ? ? ? x ? x ? x ? ? ? ? ? ? 0 0 0 0 0 0 0 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 x x 0 0 x 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Gamehack.UFB

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Windows API Usage

Windows API Usage

Submit Comment

Trending

PWSteal.Reder.B

Worm.Allaple

Tratbc.com

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

Discord Is Stuck on Gray Screen