gamepanel.exe

First submission 2022-07-31 04:13:04

File details

File type: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
File size: 23561.5 KB (24126976 bytes)
Compile time: 2051-12-14 12:36:47
MD5: 697753fe45f9820256ea17fc86822fcd
SHA1: 3fa6873deb3386d24af33012e293ff898ebd69c0
SHA256: f9c18ae62800515194b33195dca0ec3b56b7b3483acd2d862cde40b1a83b86b6
Sections 2 .text .rsrc
Directories 1 resource
Virus Total: 18/70 VT report date: 2022-07-23 12:54:25

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://update.runespectral.com/gamepanel.exe update.runespectral.com 2022-07-31 04:13:04

PE Sections 1 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x2000 0x17019a0 24123904 7891aa02edde1212ff4287e70f6cf3088315d5ce 1153771de12a8e2edad2daed37296d95
.rsrc 0x1704000 0x9fa 2560 d256ebc1b09ca09452d250281e87484b24b3a300 9ab9ee5c2345445c7f252d0f3f84e4f9

PE Resources 4

Name Language Sublanguage Offset Size Data
RT_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x1704130 744
RT_GROUP_ICON LANG_NEUTRAL SUBLANG_NEUTRAL 0x1704418 20
RT_VERSION LANG_NEUTRAL SUBLANG_NEUTRAL 0x170442c 996
RT_MANIFEST LANG_NEUTRAL SUBLANG_NEUTRAL 0x1704810 490

Meta infos 12

OriginalFilename: ucsvc.exe
Assembly Version: 10.0.19041.1052
Translation: 0x0000 0x04b0
InternalName: ucsvc.exe
FileVersion: 10.0.19041.1052
LegalTrademarks:
ProductVersion: 10.0.19041.1052
FileDescription: Game Bar
LegalCopyright: © Microsoft Corporation. All rights reserved.
Comments: Game Bar
ProductName: Microsoft® Windows® Operating System
CompanyName: Microsoft Corporation

Packers detected 2

Microsoft Visual C++ vx.x DLL
Microsoft Visual C++ v6.0

Strings analysis - File found

Database
iAS.dB
l].DB
Executable
eO QU.SO
Data
Dxuxslv.dat

Strings analysis - Possible URLs found 1

http://x.rune-spectrals.com/torrent/uploads/ucsvc_Rnmgwjkd.png