PUP.MSIL.Gamehack.CCA

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.MSIL.Gamehack.CCA
Signature status:	No Signature

Known Samples

MD5: 259b20c8ce404c3f531c57e0f983ed27

SHA1: 39634839b1f2753d4ea4221ddf838a76100dfdcc

SHA256: 0638A64A1C4735CA3B1DA2D15466EC89CBEA4D438482B5D9749F259FB046DF55

File Size: 962.56 KB, 962560 bytes

MD5: 1e9f865536ed9ecffb89e3f5273e1b2e

SHA1: c64454d7443ae437cb24b0bbdd36bfe9cbeb58e5

SHA256: CE1C4945283F202454AEF8AFB7DE84AF53FCF1694692C2FAFFC804B9D089D578

File Size: 269.31 KB, 269312 bytes

MD5: 633d5190b0e937b4d824664826cdb603

SHA1: 9403b79dd235b2c1b6cc8ff2259de8911bf97300

SHA256: 022495F1E5DDC0E64A1E71CF589CAECCAB601B3F79C816DB600A8D46E51EC47B

File Size: 2.41 MB, 2406400 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is .NET application
File is 32-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name	Value
Assembly Version	1.0.0.0
Company Name	primeclient StupidTemplate
File Description	Arctic Template primeclient StupidTemplate
File Version	1.0.0.0
Internal Name	Crimson Client Reborn V1.dll primeclient.dll StupidTemplate.dll
Legal Copyright	Copyright © 2023
Original Filename	Crimson Client Reborn V1.dll primeclient.dll StupidTemplate.dll
Product Name	Arctic Template primeclient StupidTemplate
Product Version	1.0.0.0 1.0.0+299a03f303a853a9523c17b5d4413e2bccad30a4 1.0.0

File Traits

.NET
dll
HighEntropy
RijndaelManaged
x86

Block Information

Total Blocks:	3,071
Potentially Malicious Blocks:	366
Whitelisted Blocks:	1,665
Unknown Blocks:	1,040

Visual Map

x 0 0 ? 0 0 0 ? 0 0 0 0 0 ? 0 ? 0 0 ? 0 0 ? 0 0 ? 0 0 0 ? 0 0 0 0 ? ? 0 ? 0 0 0 0 ? ? x ? 0 0 0 0 0 ? 0 x 0 0 0 ? ? 0 0 ? 0 0 0 ? 0 ? 0 x 0 ? ? x ? ? ? ? x x ? 0 ? 0 ? ? ? 0 0 ? x ? 0 ? 0 0 0 x ? ? 0 x x ? x ? ? ? 0 0 0 ? ? ? ? ? ? 0 0 ? 0 ? x x 0 0 0 0 x 0 0 0 ? x ? 0 0 0 0 ? 0 ? 0 ? ? x 0 0 0 x 0 ? ? x 0 ? ? x 0 0 ? x x 0 x ? 0 ? 0 ? ? ? ? ? ? ? ? ? 0 ? ? x ? ? x 0 ? ? ? ? x ? 0 0 0 ? ? 0 ? ? ? ? x ? ? 0 ? ? ? 0 ? 0 ? 0 ? ? ? 0 ? ? 0 ? 0 0 0 0 0 ? ? 0 ? 0 0 x ? ? 0 x 0 0 0 ? 0 x x 0 ? 0 0 0 0 ? x 0 x ? ? 0 0 0 0 x x ? 0 ? x 0 ? ? 0 ? 0 ? 0 x 0 ? 0 ? ? 0 ? 0 ? 0 0 ? ? 0 0 ? 0 ? x 0 ? ? 0 ? 0 0 0 ? ? ? ? 0 0 0 x x ? ? ? 0 ? 0 ? ? 0 0 ? ? x 0 0 0 x ? 0 ? ? ? x ? 0 x ? 0 ? 0 0 0 ? ? ? ? 0 ? ? 0 ? ? x 0 0 ? ? 0 0 0 ? 0 ? 0 0 0 0 0 0 ? 0 x ? 0 0 0 ? 0 ? x ? ? ? 0 0 ? 0 0 ? 0 0 ? 0 0 0 x ? 0 ? ? ? x ? 0 ? x x 0 ? 0 0 0 0 0 ? x x ? ? ? ? ? ? ? 0 ? ? 0 ? 0 0 x 0 ? x ? 0 0 ? x ? ? 0 0 x ? ? ? ? ? ? 0 x x ? 0 0 0 x ? ? 0 0 ? ? 0 ? 0 x x ? ? 0 x 0 ? 0 x 0 0 x ? 0 0 0 ? x x ? ? ? 0 x 0 0 0 ? 0 0 ? 0 0 ? 0 0 ? ? x ? 0 0 0 0 ? 0 ? 0 x x ? x 0 0 ? ? 0 0 ? 0 x ? ? ? 0 0 ? 0 x ? ? 0 0 ? ? ? 0 ? x 0 x 0 x 0 ? x 0 ? x x ? 0 0 0 ? 0 ? 0 0 0 0 ? ? ? ? ? x 0 ? ? ? x ? x ? 0 0 0 ? 0 0 0 0 ? ? ? 0 ? 0 ? 0 0 ? x 0 ? x 0 0 0 ? ? 0 0 ? ? ? 0 0 ? x ? ? ? x 0 0 0 x ? ? 0 0 0 ? ? 0 0 ? ? ? 0 x ? x ? x ? x 0 x ? ? x 0 x 0 ? 0 ? ? ? ? 0 ? ? 0 0 0 0 ? 0 ? 0 ? ? ? ? x ? ? 0 0 ? 0 ? 0 0 ? 0 ? 0 0 ? ? ? 0 0 ? 0 ? 0 0 ? ? 0 ? 0 0 0 ? 0 0 ? 0 0 0 0 ? 0 0 0 0 0 ? 0 0 0 0 x 0 0 ? ? 0 0 0 ? 0 0 ? 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? x 0 0 ? 0 0 0 0 0 0 0 0 ? ? 0 ? ? ? ? ? 0 ? 0 ? ? 0 0 0 0 ? 0 ? ? ? 0 0 0 0 0 0 0 ? 0 0 ? ? ? 0 0 0 0 0 0 0 ? 0 0 0 ? 0 0 0 0 ? 0 0 0 0 ? 0 0 0 0 0 0 0 0 ? ? 0 ? 0 ? 0 ? ? 0 ? 0 0 ? 0 0 0 ? 0 0 ? 0 0 0 0 0 ? ? ? 0 0 0 0 0 0 0 0 0 0 ? x 0 0 0 0 0 ? 0 0 ? 0 0 0 0 0 ? ? ? ? 0 ? 0 x 0 ? 0 0 0 ? 0 ? 0 0 ? x ? ? 0 0 0 0 ? ? 0 ? ? x 0 x 0 x ? x 0 ? x ? ? 0 ? x ? ? ? ? x ? ? ? x 0 0 ? ? ? ? 0 0 0 0 ? 0 x 0 ? 0 x ? ? 0 ? 0 0 0 ? 0 ? x 0 0 0 0 ? ? x x 0 0 ? 0 ? 0 0 0 0 ? 0 ? 0 0 ? 0 0 0 ? ? 0 0 0 x ? ? ? 0 0 0 0 x 0 ? 0 0 0 0 0 0 ? ? ? 0 0 0 x ? ? x ? 0 0 0 0 x x ? ? 0 0 ? ? ? ? 0 0 0 ? 0 ? ? ? 0 0 0 ? ? 0 ? 0 0 ? 0 ? ? 0 x x ? 0 ? 0 0 0 ? x 0 0 x 0 x ? ? 0 0 0 0 0 0 0 ? x ? 0 0 ? 0 0 ? ? ? ? 0 0 0 ? ? 0 0 0 ? x x ? x ? ? 0 0 0 ? ? ? 0 0 0 ? 0 0 0 ? 0 ? 0 ? 0 0 ? ? 0 ? 0 ? ? 0 0 ? 0 0 0 ? ? ? 0 0 ? ? 0 0 0 0 0 0 0 0 0 ? ? 0 0 0 ? 0 0 0 0 0 ? x 0 0 ? 0 0 0 0 0 ? 0 0 ? 0 ? ? 0 0 ? ? 0 ? 0 0 ? x 0 ? x 0 0 ? ? 0 ? 0 ? x 0 0 ? 0 0 ? ? ? 0 ? ? x 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x ? x x 0 0 0 0 0 ? 0 0 x ? 0 0 0 0 0 0 ? ? 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 x ? 0 0 0 0 ? x x ? 0 0 0 0 ? ? 0 ? ? 0 ? 0 0 0 ? 0 ? 0 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 ? ? 0 ? 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 ? 0 0 ? 0 0 0 ? 0 0 0 0 ? x x 0 0 0 0 ? ? ? ? x 0 x 0 0 0 0 0 0 0 ? ? 0 ? ? 0 ? 0 0 0 ? ? ? ? ? 0 0 ? ? 0 x x x ? 0 x ? ? x 0 ? 0 x 0 ? ? ? ? 0 ? ? x ? 0 0 0 0 0 0 0 ? 0 ? ? 0 ? ? ? ? 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 ? 0 0 ? 0 ? 0 0 0 0 0 0 ? 0 0 0 x ? 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 ? 0 ? 0 0 0 0 0 0 0 ? ? ? 0 0 0 0 0 0 ? ? 0 ? 0 0 x 0 ? 0 0 ? 0 0 0 0 x ? 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 x 0 0 ? 0 0 0 0 0 0 ? 0 ? 0 ? x x ? ? x 0 0 x ? ? 0 ? ? 0 x ? ? 0 ? 0 ? 0 x 0 ? ? ? 0 ? ? ? ? ? x ? ? ? 0 ? 0 0 x 0 0 0 0 0 0 0 0 ? 0 0 0 0 0 0 ? 0 x 0 0 0 0 0 0 0 0 0 0 ? 0 ? ? 0 0 0 0 0 0 x 0 0 ? 0 ? 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 ? 0 ? x ? 0 x 0 0 0 0 ? 0 ? ? 0 ? ? 0 ? x 0 0 0 x ? ? x 0 ? ? ? 0 0 x 0 ? 0 ? 0 0 0 ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 ? 0 ? 0 ? x ? ? 0 0 0 0 0 ? 0 0 ? 0 0 x 0 0 0 0 0 ? ? ? ? x 0 0 0 0 0 0 0 0 ? 0 x ? ? ? ? ? 0 0 ? ? ? ? 0 0 0 0 0 ? 0 0 0 ? 0 ? ? 0 x ? ? x 0 0 0 0 0 0 0 0 x 0 0 ? x x 0 0 ? 0 0 x 0 0 ? x ? ? 0 ? ? 0 0 ? 0 x 0 0 ? ? 0 ? ? x 0 x 0 0 0 0 x x 0 ? 0 ? 0 x ? ? 0 ? ? 0 0 0 0 ? 0 0 0 ? x ? 0 x 0 ? 0 0 0 ? x 0 0 0 0 0 0 0 0 0 ? x 0 ? ? x x 0 0 x 0 ? x 0 0 x 0 0 ? 0 0 0 x 0 0 ? 0 0 x 0 x x x x 0 0 x 0 x 0 0 ? ? ? 0 ? x x x ? 0 ? ? ? 0 0 0 0 ? 0 0 0 x 0 x ? ? 0 ? x ? ? 0 x 0 x 0 0 ? x ? ? x 0 ? x 0 x ? 0 0 ? 0 ? ? x 0 0 ? 0 x 0 x 0 0 0 ? x 0 x x 0 ? ? 0 x ? x ? 0 0 x ? ? ? 0 x ? ? 0 x x 0 x x ? x x 0 0 0 0 0 0 ? 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x 0 ? x ? x 0 0 x 0 ? 0 0 0 0 ? 0 ? ? 0 x 0 ? 0 x 0 ? 0 0 ? 0 0 0 0 ? ? 0 0 0 0 0 0 ? x

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.MSIL.Gamehack.CCA

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Windows API Usage

Windows API Usage

Submit Comment

Trending

BestArcadeHits

Adware.OpenSUpdater.AO

IMAP/POP3 Mail Server Verification Failure Scam

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

How to Fix 'macOS cannot verify that this app is...