d0b854e65b5226f3fd0cae747e767b587efde9b8c8ed37bcdd154cf596d14c1a

Sharing

Copy URL Twitter E-mail

General

Target

d0b854e65b5226f3fd0cae747e767b587efde9b8c8ed37bcdd154cf596d14c1a
Size

948KB
MD5

5f0c253212f6130918a7960e3f455f8b
SHA1

6f6ca8054b742023826ffb5c7b5e4c733ada1003
SHA256

d0b854e65b5226f3fd0cae747e767b587efde9b8c8ed37bcdd154cf596d14c1a
SHA512

31a8086fd1e0c0b1699a1f0d0aea546443c18a59f749367c3f2d983551b427d531285ffa205686a7458d7665dafd112caf9238393d4d493b9fea2a4a24262b38
SSDEEP

12288:qtYPqWNdiI2z1Oi2Pok64tM9vyhKbqvz1qNRjYOXA5Q4211i40T5U1Im3pHQCaOV:kWMacqvzoNRYOXAu1uk9IhW

Score

N/A

Malware Config

Signatures

Files

d0b854e65b5226f3fd0cae747e767b587efde9b8c8ed37bcdd154cf596d14c1a
.dll windows x86

667ed808c29f5f5dd293411b58c8cbe2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

steam_api

SteamUtils
SteamAPI_RunCallbacks
SteamUser
SteamAPI_RegisterCallback
SteamAPI_UnregisterCallback
SteamFriends

steam

SteamRefreshLogin
SteamIsSecureComputer
SteamProcessCall
SteamGetUser
SteamAbortCall

kernel32

FatalAppExitA
SetUnhandledExceptionFilter
SetFilePointer
InterlockedExchange
InitializeCriticalSection
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualQuery
HeapAlloc
GetProcessHeap
GetModuleFileNameA
CloseHandle
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
SetConsoleCtrlHandler
SetStdHandle
ReadFile
IsBadCodePtr
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
GetCurrentThreadId
GetCommandLineA
GetVersionExA
ExitProcess
RtlUnwind
IsBadReadPtr
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
GetUserDefaultLCID
EnterCriticalSection
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RaiseException
GetCPInfo
IsBadWritePtr

tier0

Error
?Lock@CThreadMutex@@QBEXXZ
Warning
CommandLine_Tier0
?DevMsg@@YAXPBDZZ
DevMsg
Msg
?Lock@CThreadMutex@@QAEXXZ
g_pMemAlloc
AssertValidStringPtr
_AssertValidWritePtr
_AssertValidReadPtr

vstdlib

GetCVarIF
RandomFloat
KeyValuesSystem

Exports

Exports

CreateInterface

Sections

.text
Size: 568KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

667ed808c29f5f5dd293411b58c8cbe2

Headers

File Characteristics

Imports

steam_api

steam

kernel32

tier0

vstdlib

Exports

Exports

Sections

.text Size: 568KB - Virtual size: 565KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 12KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 856B

.reloc Size: 60KB - Virtual size: 59KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 568KB - Virtual size: 565KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 856B

.reloc
Size: 60KB - Virtual size: 59KB

.text
Size: 196KB - Virtual size: 196KB