PUP.MSIL.Gamehack.GS

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.MSIL.Gamehack.GS
Signature status:	No Signature

Known Samples

MD5: a4c215f5d735e13d82c539ad89799230

SHA1: 05fb277739b381b20897bda38d0934ef4777a18e

SHA256: C989FF890B098F8095C1DF65DF13B427418C322E9072642AF0D47FE0292A9465

File Size: 1.03 MB, 1031168 bytes

MD5: 319125e6207b57a6934a0170284cfd67

SHA1: 6050e38cd9ef945aaa732ee1f275fcc7cafb0de1

SHA256: DB0EEFFD0FAC1DEC5DA6AC61B5C73DE8654D8019F8EACD4A3562BD8F3EFF59A1

File Size: 1.01 MB, 1009664 bytes

MD5: 0ad302b7668d7043df12058cf3b2dc30

SHA1: afc0a8d0eadf2c973e093b3228497de778b5b7f6

SHA256: ED216A89F2777E0B62308C0C25440DCD312A5CB06C8DB4020892F1FA54E08AB8

File Size: 1.02 MB, 1016320 bytes

MD5: 9f0c4aff30a9fcf1fd28706bbab7a19d

SHA1: f357a740f964a3da370059f694805d1e884b1d4f

SHA256: 3E2138B208478A5ED6EB285FF1B38BAE31CCF78D5F88FB9C87628486D401E1D9

File Size: 958.46 KB, 958464 bytes

MD5: baef1a8a1a1ab2353053ad4cbc590ed3

SHA1: b7b1a4550f3c0290cc3310da3089497c89ba238c

SHA256: 587B85F51742CBC63B78892818121B21F13CD577A8502F6B67A7FB69DDA8F660

File Size: 411.65 KB, 411648 bytes

MD5: bb14fe0672c8be80c4a82aac63564925

SHA1: e8169e838176bddb2a6f073bcc30b5f9a02bb5bb

SHA256: 2415B7A0ADF2BDD9D73EB4B760CA45A17A28438D92E9D441B67AB7C6994B907A

File Size: 1.01 MB, 1009664 bytes

MD5: 92d6fe0b4ec5aa0e1888854adf06a955

SHA1: b6651e1b8654e363d83630c8f59b9be9c74a0b3a

SHA256: 04551479773D5717EA82018F2F21D4A4E5377237732A3127ED0FC7AC9A3F7DD5

File Size: 1.02 MB, 1018368 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is .NET application
File is 32-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name	Value
Assembly Version	1.0.0.0 0.0.0.0
File Version	1.0.0.0 0.0.0.0
Internal Name	Assembly-CSharp.dll SM.dll
Legal Copyright	Copyright © 2024
Original Filename	Assembly-CSharp.dll SM.dll
Product Version	1.0.0.0 0.0.0.0

File Traits

.NET
dll
x86

Block Information

Total Blocks:	3,739
Potentially Malicious Blocks:	2,120
Whitelisted Blocks:	1,340
Unknown Blocks:	279

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 0 x 0 x x x 0 x 0 ? 0 ? ? ? ? ? 0 x 0 ? ? ? ? x 0 0 x x x x x x x x x x x 0 x x x x x x x x 0 x x x x x x x x 0 x x x x 0 x x x x x 0 0 x x 0 x 0 x x 0 x x x x 0 ? x x x x x x x x x x x x x x x x x 0 0 x x x x x x x 0 x x x 0 ? ? ? ? 0 ? 0 0 0 0 x 0 ? ? 0 x x x x 0 0 0 0 0 x x x x x x x 0 0 0 0 x x x 0 0 x x x x 0 0 0 x 0 x x 0 ? 0 ? ? ? 0 x x ? ? 0 0 ? ? 0 ? ? ? ? ? ? 0 x x x x x x x x x x x x 0 x x x x x 0 x x x x x 0 0 x x 0 0 x x 0 0 x x x 0 x 0 x 0 x 0 x 0 0 0 x 0 x 0 x 0 0 0 x 0 x 0 x 0 x x 0 x 0 x 0 0 0 x 0 x 0 0 0 x 0 x 0 x x x x x x x x x x x x x x x 0 x x 0 0 ? 0 ? 0 0 0 ? x x x x x x x x x 0 x x 0 x x x x 0 x x x x x x x x x x 0 x x 0 0 x x x 0 x x x x x x x x 0 x x 0 x 0 x 0 ? ? ? ? x x 0 x x x x x 0 0 x x x x x x x 0 x x x x ? ? x 0 0 0 0 0 0 x 0 x 0 x x x x x 0 x x x x x x x ? x x 0 x ? x x x 0 0 0 0 0 0 x 0 x x x 0 0 x x x x x x 0 x x x 0 x x x 0 0 x x x x x x x x x 0 0 x x x x x x 0 x x 0 x x x x x x 0 x x 0 0 x x x x x x x x x x 0 0 x ? 0 x x x x 0 x x x 0 x x x x x x x x 0 x x x x x x x x x x x 0 x x 0 x x x x x x 0 x x x x x 0 x ? x x x x x x x 0 x x 0 x x x x 0 x 0 0 x x x x ? 0 0 x ? 0 ? ? ? x 0 x ? x x ? 0 0 0 x x 0 0 x x x 0 x x 0 x ? x ? x x 0 x x x x x x 0 0 ? ? 0 x x x x x 0 x x 0 x x 0 x 0 x 0 x x x x x 0 ? x ? ? ? ? x 0 0 x x x x x x x ? x x x 0 x x x x x x x x x x 0 x x x x x x x x 0 x x x x ? 0 x x x x x x x x x x x x 0 x x x x x x x x x 0 x 0 0 x x x 0 0 x x x x 0 x 0 x x 0 x 0 x x x x x 0 ? ? ? ? ? ? ? 0 0 ? ? 0 ? x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 x x ? 0 0 x x x x 0 x x x x x x 0 x 0 x x x x x x x x 0 0 x 0 x x x x x x x x 0 x 0 0 x x x x x 0 0 0 0 x x 0 x 0 0 0 x 0 0 0 0 0 0 0 0 x 0 x x x x 0 ? ? ? ? 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x x 0 x 0 0 0 0 0 0 0 0 x 0 x x 0 ? ? 0 ? ? ? 0 0 x x x x x x x x ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 0 ? 0 ? ? ? ? ? ? ? ? ? ? ? 0 ? ? ? ? x x 0 0 x 0 x x 0 x 0 x x x x x x x x 0 x x x x x x x x 0 x x x x x x x x x x x x x x x 0 0 0 0 x x x 0 x x 0 0 x x x ? x ? x x x x 0 0 x x x 0 0 0 0 0 0 x x x x 0 x 0 0 0 0 0 x 0 x x x x x x 0 0 x 0 0 x x x x x 0 x x x x x x 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 x x 0 x x x x 0 x 0 x x 0 x 0 x x 0 0 x x x x x x x x 0 x x x x 0 0 0 x 0 0 x x x x x x x x 0 x 0 x x x x x 0 ? ? ? 0 x ? 0 ? x x 0 0 0 x 0 x 0 x x x 0 0 x 0 x x 0 0 ? ? ? 0 ? ? ? ? ? ? ? 0 ? ? 0 x x 0 ? ? ? ? 0 0 ? x x x 0 x 0 0 0 0 0 0 0 x x x x x 0 x x x x 0 0 x x x ? 0 ? ? ? 0 ? ? ? x ? ? ? x x 0 ? x 0 ? x x x x x x ? x x x 0 x 0 x x ? 0 ? ? x ? x 0 ? x x x x x 0 ? x x x x 0 0 x x x 0 x 0 0 x x x 0 x x 0 x x 0 ? x 0 x 0 x x 0 0 x x x x x x x x x 0 ? ? x 0 x x x x 0 ? ? 0 x x x x x x x x 0 x x 0 x 0 0 0 0 x x x x 0 0 0 x 0 0 0 x 0 x x 0 0 0 0 x x x x x 0 x x 0 x 0 x x x x 0 x 0 0 0 x 0 0 0 0 x 0 x x 0 x 0 x 0 0 0 0 x 0 0 x x 0 0 0 0 x x 0 0 0 x 0 0 x 0 0 0 x ? x x x 0 x 0 x 0 0 x x x x ? 0 x x x x x ? x x x x x x 0 0 x 0 0 0 0 0 0 0 0 0 x x x x x x x x x x x x 0 0 x 0 x x x x ? x x 0 x x 0 ? ? ? 0 ? ? 0 0 0 x ? x x x x x x x 0 0 0 0 0 0 x 0 x 0 x x x 0 x ? 0 x ? ? ? x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x 0 x x x 0 x ? 0 x 0 0 x 0 0 x 0 ? 0 0 ? ? ? 0 0 0 0 x ? 0 x x ? 0 0 x 0 0 x x x x x 0 x x x x 0 x x x x x x x x 0 0 0 x 0 x 0 x 0 x 0 x x x 0 x 0 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x x x x 0 0 0 0 0 0 0 x 0 0 x 0 0 x x 0 x 0 x x x x x x x x x x x x x x 0 0 x x x 0 0 0 x x 0 x x 0 x 0 x 0 x x x x x x x 0 x 0 0 x x x x x 0 x x x x 0 0 x x 0 0 0 x 0 x x x x x x x x 0 x x x x x 0 x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 0 0 x 0 0 0 x x 0 0 x x 0 x x x x 0 0 0 x x x x x 0 0 0 0 x 0 x x x x 0 x 0 x x x x x x x 0 0 x 0 0 0 0 0 0 0 x x x x x x x x x 0 x x x x x x x x x x 0 0 x 0 0 x x 0 0 0 0 x x 0 x x x x x x x x 0 0 0 x 0 x x x x 0 0 x x x 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x 0 x x x x x x x x 0 0 x x x 0 x 0 0 x 0 x x x x x x x 0 0 x 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

MSIL.Gamehack.GS

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.MSIL.Gamehack.GS

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Windows API Usage

Windows API Usage

Submit Comment

Trending

Www1-notifsmartads.azurewebsites.net

PUP.Gametool.PDB

Forasom Ransomware

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen