Trojan.GameHack.B

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	16,221
Threat Level:	80 % (High)
Infected Computers:	11,283

First Seen:	December 14, 2012
Last Seen:	March 24, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.GameHack.B
Signature status:	No Signature

Known Samples

MD5: 45b2bedd66626ea886f4006dc459f209

SHA1: 09a17a5ee20313caee3f37ef741f9ee39d56b0f8

SHA256: BC522B6DD8004BD19286E32A4EBA4FFD23C634650717CAC8910A7F6CF1473EBF

File Size: 2.38 MB, 2376704 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

Block Information

Total Blocks:	2,073
Potentially Malicious Blocks:	1,317
Whitelisted Blocks:	728
Unknown Blocks:	28

Visual Map

0 0 0 0 0 0 0 0 0 ? ? ? ? x ? 0 0 0 0 0 0 0 0 0 x 0 0 0 ? ? 0 0 0 0 0 0 0 0 0 0 ? ? 0 0 ? x 0 0 ? 0 0 0 x 0 x 0 0 0 0 0 0 0 0 0 0 x ? 0 ? 0 0 0 0 0 0 ? ? ? 0 0 0 0 ? ? ? ? 0 0 0 0 0 0 ? 0 ? 0 0 ? ? ? ? ? x 0 ? 2 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 1 0 0 0 0 3 1 1 1 1 1 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 x x x x 0 0 x 0 x 0 x 0 x x x x 0 0 x 0 0 0 x 0 x 0 0 0 0 x 0 0 0 0 0 x x x x x x x x x 0 x x x x x x x 0 0 0 0 0 x 0 x x x x 0 x 0 0 0 0 0 0 x x 0 x 0 0 x x 0 x 0 x x 0 0 0 0 x 0 x 0 x 0 0 x x x 0 x 0 x x 0 x 0 0 0 x x x x x x 0 x 0 x 0 x 0 x x x 0 x 0 x 0 x 0 x 0 x 0 0 x 0 x x x x 0 0 0 x x 0 x x x x x x x x x x 0 x x x 0 x 0 x 0 0 x x x 0 0 x 0 x 0 0 x x x 0 x 0 x x 0 x 0 x 0 0 x 0 x x x x x x 0 x 0 0 x x x 0 x 0 x 0 0 x 0 0 0 x 0 0 x x x 0 0 x x x x x 0 x x x x x x x 0 0 0 x x x x x 0 0 x x 0 x x x 0 x 0 x x x x x x x x x x x x x x x x x x x x 0 x x 0 x x x x x x x x x x x x x x x x 0 0 x x 0 0 0 x 0 0 x 0 x x x x 0 0 x 0 x 0 x 0 x x x x x x 0 0 0 0 0 0 x x x x x x x x 0 x x x 0 0 x 0 x 0 x x x x 0 0 0 x x x x x 0 x x x x x 0 x 0 x 0 x 0 x 0 x x x x 0 x x x x x x x 0 0 x x x x x 0 x x 0 x x 0 x x 0 x x x x x x x x x x x x x 0 x x x 0 x x x 0 0 1 x x x 0 0 x x x x x x x x x x x x x x x x x x x x x 1 x 0 x x 0 x 0 x 0 x 0 x x x x 0 x x x x x 0 x x 0 x x x 0 0 x 0 x x x 0 x x 0 0 x 0 x x x x x x x 0 x x x 0 x 0 x 0 x 0 x 0 x x 0 x 0 x 0 x x 0 x x 0 x x x x x x x x x x 0 0 x 0 0 0 x x x x x x x x x 0 x 0 x 0 x x 0 x x x x 0 x x 0 0 0 0 x 0 x x 0 0 0 0 0 0 x x x 0 0 x x x x x x x x x x x x x x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 x 0 x x x x x x 0 x x x x x 0 x x x 0 x 0 0 x 0 0 x x 0 0 x 0 x x 0 0 x 0 x x 0 0 x 0 x 0 0 x 0 0 0 0 x 0 0 0 0 0 0 0 0 0 x 0 x x x x 0 0 x x 0 0 0 0 x 0 x 0 x x x x x x x 0 0 x x 0 x 0 x 0 x 0 x 0 x 0 x 0 x 0 x x x x x x 0 x x 0 x x x x x x 0 x x x x 0 x x x x 0 x 0 x x x x x x x 0 0 0 0 x x 0 0 x 0 x x 0 x x x 0 0 x x 0 0 x x x 0 x x x x x x x x x x x x x 0 x 0 x x 0 x x x x x x x 0 x x x x x x 0 x x x x x x x x x x 0 x x x x x x x x x x x 0 x x x x x x x 0 x 0 x x 0 x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x 0 x x 0 0 x 0 x x 0 x 0 x x x 0 0 0 0 x 0 0 0 0 0 0 x 0 x x x x x 0 0 x 0 x x x x x 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 2 0 x 0 1 0 0 0 0 0 x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x x x 0 x x x 0 0 x x x 0 x x x x x x x x 0 x x x x 0 0 x x x x x x 0 x x x x x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x x x x x 0 x x x x x x x x x x x x x 0 x 0 x 0 0 x 0 0 x 0 x 0 x x x x x x x x x 0 x 0 x 0 x 0 x 0 x x 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x x x x x 0 x 0 x x x x x x x x x x x 0 0 0 x 0 0 0 x x x x x x 0 0 x x x x x x x 0 x x x x x 0 0 x x x x 0 0 x x x x x x x 0 0 x x x 0 0 x x x x 0 0 x x x x x x 0 x x x x x 0 x x x 0 x x x x x x x x x 0 x 0 0 0 0 0 0 x x x x x x 0 x x x x x x x x x x x x x x x x x x x x 0 x 0 x x x x x x x x x x 0 x x x x x x x x 0 x x x x x 0 x x 0 x x x x x x x x x x x x 0 x x x 0 x x x x x x 0 0 x x x x x x x x x x x x x x x x x x x 0 0 x x x x 0 0 0 x x 0 x 0 0 x x 0 x x 0 x x x x 0 x x x x x x 0 0 x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x 0 x x 0 x 0 x 0 x x x x 0 x x x x x x x 0 x x x x x 0 x 1 x x x x x x x x x x x 0 0 x x x x x x 0 x 0 x x x 0 x x 0 x 0 0 0 0 0 0 x x 0 x x x x 0 x x 0 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 0 x x x x x x x x x x x x x x 0 x x x x x x 0 x x x x x x x 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x 0 x x x x x x x 0 x x x 0 x x x x x x x 0 x x x x x 0 x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x 0 x x x x x x 0 x x 0 0 x x x x x 0 x x x x 0 x x x x 0 0 x x 0 0 x x x 0 0 x x 0 0 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 x x 0 x x x 0 0 x x 0 x x x 0 x x x x x x x x x x x x x x x x x x x x 0 0 x x x 1 1 0 0 1 1 0 1

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Registry Modifications

Key::Value	Data	API Name
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe	㫈䜒뢊ǜ	RegNtPreCreateKey

Windows API Usage

Category	API
Syscall Use	ntdll.dll!NtAlertThreadByThreadId ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtClose ntdll.dll!NtCreateEvent ntdll.dll!NtCreateFile ntdll.dll!NtCreateMutant ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtDuplicateObject ntdll.dll!NtEnumerateValueKey Show More ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenSemaphore ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryDebugFilterState ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtQueryVolumeInformationFile ntdll.dll!NtReadFile ntdll.dll!NtReleaseMutant ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationFile ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtTestAlert ntdll.dll!NtTraceControl ntdll.dll!NtUnmapViewOfSection ntdll.dll!NtWaitForAlertByThreadId ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWriteFile
Process Manipulation Evasion	NtUnmapViewOfSection
Process Shell Execute	CreateProcess
Anti Debug	IsDebuggerPresent NtQuerySystemInformation
Process Terminate	TerminateProcess

Shell Command Execution


							C:\WINDOWS\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe c:\users\user\downloads\09a17a5ee20313caee3f37ef741f9ee39d56b0f8_0002376704.,LiQMAxHB

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.GameHack.B

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Traits

Block Information

Block Information

Visual Map

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Related Posts

Trojan.GameHack.BU

Trending

Mr Beast Discord Scam

Giant Coupons Official Extension

Chainbridgeworks.co.in

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Pornktube.porn

Discord Shows Black Screen when Sharing Screen