Steamip (1)[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

Steamip (1).7z
Size

477KB
MD5

b7a5c4ba271bb21adfb1d689f9698a25
SHA1

0d8a61ca4ed92a60242c59a104bfbe7760a5de56
SHA256

df75030c5d1d05d08e453917799d79a10fcd50967c617a1105826d6588ef2ccf
SHA512

aab0cc9265eff58772a97d857b20078cbb114a5c4ef1536b36701cf0cfb251b3cefb4a298da146b00c2509f46ddf5523b9484c8756b3bf5f1fe5ed3a581093af
SSDEEP

12288:taqCp7twJY5WiVUgDtkWciB7az2MlBDP/vgJDYo:tT2DVTmWcZzJLo

Score

N/A

Malware Config

Signatures

Files

Steamip (1).7z
.7z
Steamip (1).exe
.exe windows x64

5a085bcd6a09d149852ad7e1f6e497e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcmpiW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
HeapSize
GetLastError
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
SetFileAttributesW
Sleep
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
InitializeCriticalSection
EnterCriticalSection
TryEnterCriticalSection
ExpandEnvironmentStringsW
WritePrivateProfileStringW
WriteConsoleW
SetEndOfFile
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
GetFullPathNameW
FlushFileBuffers
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
WriteFile
SetFilePointerEx
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
GetModuleHandleExW
RtlPcToFileHeader
RtlUnwindEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
GetFileSizeEx
CreateFileA
VerifyVersionInfoA
VerSetConditionMask
FormatMessageW
WaitForMultipleObjects
GetFileType
GetStdHandle
GetEnvironmentVariableA
WaitForSingleObjectEx
MoveFileExA
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
QueryPerformanceFrequency
SleepEx
InitializeCriticalSectionEx
QueryPerformanceCounter
GetModuleFileNameW
IsDebuggerPresent
GetModuleHandleW
GetCurrentThreadId
LeaveCriticalSection
HeapFree
GetSystemTimeAsFileTime
FileTimeToSystemTime
ResetEvent
CreateThread
SetEvent
CreateEventW
VirtualQuery
WideCharToMultiByte
CreateProcessW
GetCurrentProcessId
GetCurrentDirectoryW
GetSystemInfo
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetFileAttributesW
FindClose
PeekNamedPipe
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
ReadFile
CreateDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
ExitProcess
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc

user32

GetDesktopWindow
GetActiveWindow
IsWindow
DestroyWindow
MessageBoxW
UnregisterClassW
SetFocus
DestroyIcon
GetWindowLongW
SetWindowPos
SetWindowLongW
GetFocus
InvalidateRect
GetTopWindow
IsZoomed
SetRect
ScreenToClient
MessageBeep
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
SendMessageW
GetKeyState
SetCursor
AdjustWindowRectEx
ReleaseDC
GetClientRect
GetWindowDC
GetSystemMetrics
GetDC
GetWindowRect
LoadImageW
GetParent
LoadCursorW
LoadIconW
RegisterClassW
GetClassInfoW
LoadStringW
GetWindowLongPtrW
CreateWindowExW
EnumWindows
MoveWindow
GetMonitorInfoW
WaitForInputIdle
SetActiveWindow
MonitorFromWindow
GetWindowThreadProcessId
wsprintfW
CharNextW
GetClassInfoExW
PostQuitMessage
TranslateAcceleratorW
RegisterClassExW
DeleteMenu
SetWindowLongPtrW
PostMessageW
GetDlgItem
GetSysColor
FillRect
CallWindowProcW
EnableWindow
EndPaint
GetNextDlgTabItem
BeginPaint
IsIconic
GetClassNameW
IntersectRect
IsRectEmpty
WinHelpW
SetMenu
ShowWindow
OffsetRect
RedrawWindow
ClientToScreen
SetParent
PtInRect
GetLastActivePopup
GetSystemMenu
GetWindow
IsWindowVisible
SetWindowRgn
DrawIcon
IsDialogMessageW
GetDlgCtrlID
IsChild
IsWindowEnabled

gdi32

GetTextMetricsW
ExcludeClipRect
GetClipBox
CreateRoundRectRgn
CreateEllipticRgn
SetTextColor
SetBkColor
CreateSolidBrush
CreateFontIndirectW
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
GdiAlphaBlend
GetStockObject
GetDeviceCaps
DeleteDC
GetObjectW
SetStretchBltMode
DeleteObject

advapi32

CryptGenRandom
RegQueryValueExW
RegCloseKey
RegCreateKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
CryptAcquireContextA
CryptReleaseContext
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
RegOpenKeyExW
CryptGetHashParam

shell32

DragQueryFileW
DragFinish
Shell_NotifyIconW
SHGetSpecialFolderPathW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal

oleaut32

VarUI4FromStr
SystemTimeToVariantTime
VariantTimeToSystemTime

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

wldap32

ord211
ord60
ord45
ord50
ord41
ord22
ord26
ord46
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord27
ord143

ws2_32

inet_pton
WSAStartup
WSAGetLastError
WSACleanup
gethostname
sendto
recvfrom
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
freeaddrinfo
getaddrinfo
ntohl
ioctlsocket
listen
htonl
socket
send
recv
closesocket
accept
WSAIoctl
setsockopt
__WSAFDIsSet
htons
getsockopt
getsockname
getpeername
connect
bind
WSASetLastError
select
ntohs

gdiplus

GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdipGetImagePalette
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipDrawImageRectI
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImagePaletteSize
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup

crypt32

CertCloseStore
CertOpenStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain

Sections

.text
Size: 732KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gehcont
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a085bcd6a09d149852ad7e1f6e497e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

ws2_32

gdiplus

crypt32

Sections

.text Size: 732KB - Virtual size: 731KB

.rdata Size: 253KB - Virtual size: 252KB

.data Size: 9KB - Virtual size: 19KB

.pdata Size: 35KB - Virtual size: 34KB

.gfids Size: 512B - Virtual size: 236B

.tls Size: 512B - Virtual size: 9B

.gehcont Size: 512B - Virtual size: 28B

.rsrc Size: 127KB - Virtual size: 127KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 732KB - Virtual size: 731KB

.rdata
Size: 253KB - Virtual size: 252KB

.data
Size: 9KB - Virtual size: 19KB

.pdata
Size: 35KB - Virtual size: 34KB

.gfids
Size: 512B - Virtual size: 236B

.tls
Size: 512B - Virtual size: 9B

.gehcont
Size: 512B - Virtual size: 28B

.rsrc
Size: 127KB - Virtual size: 127KB

.reloc
Size: 6KB - Virtual size: 5KB