
Specifics

This section lists the libraries and other external requirements of the build, along with further information that does not ship with the application.

Basic information (1)

  • OS -> Windows

  • Arch -> X64

  • Language -> C++20

  • Charset -> Multi byte

Security information (2)

  • Data Obfuscation -> Uses two different XOR algorithms (compile time string encryption)

  • Anti Application -> Thread that checks if blacklisted applications are running

  • Anti Debug (13x) -> 13 different unique anti-debug systems on one thread

  • Anti Dumping -> Inactive for level 1-2 but it checks for dumpers

  • Anti Virtualization -> Inactive for level 1-2 but checks for virtualization artifacts

  • Anti Window -> Some windows and window classes are done

  • Other -> Over 23 other security systems exist; they are unused in L1-L2

Binary Vulnerabilities (3)

  • Buffer Overflow x1

  • Use After Free x1

  • Double Free x2

  • Integer Overflow x2

  • Format String x5

Web vulnerabilities (4)

  • XSS (only one right now, for basic PoC)

Security concerns (5)

  • No input checks x22

  • No data typing checks x40

  • No character checking x10

  • No data sanitization x3

  • No integrity checks on files or required data x4

  • Inactive anti debug systems that never work (too much) +20

Libraries (6 [imports])

  • KERNEL32.dll

  • USER32.dll

  • WS2_32.dll

  • D3D11.dll

  • DWMAPI

Libraries (7 [called])

  • NTDLL.dll

Third Party (8)

  • SkCrypt

  • XorStr

  • Nlohmann JSON

  • Lazy Importer
