steamclient[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

steamclient.dll
Size

253KB
MD5

0887a301cab6f5051fc8f7807b2dcff2
SHA1

44393b79b1139d026569958bb9a660c1e9fcf030
SHA256

89ec842cd6d57d0d9df242f059449114e60e5450bbea51ce48fc4fd00e67fa39
SHA512

a21797ea4a9d0d3445215a81d242b0ed59b3687c6395763dc02b37695af02a29a2015e299bdb08b005624dca2ed9bb2a377af49e5afcc14e1469d58191ff2dc0
SSDEEP

6144:hrUT3XxsccKFlYCQT/6oZvaP8W5+oJY1VnIa7AjBN+j:N+3XxsclYCu4Pwoq1CzjL+

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

steamclient.dll
.dll windows x86

Code Sign

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6b
Certificate

Issuer

CN=WUS!

Not Before

01/07/2014, 08:00

Not After

01/01/2088, 08:00

Subject

CN=WUS!

34:9b:bd:03:59:1e:35:d3:64:b8:5c:73:58:16:27:e5:b8:46:a1:89
Signer

Actual PE Digest

34:9b:bd:03:59:1e:35:d3:64:b8:5c:73:58:16:27:e5:b8:46:a1:89

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=WUS!

02/02/2023, 17:54
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
VR_GetGenericInterfaceInternal
VR_GetStringForHmdErrorInternal
VR_InitInternal
VR_IsHmdPresentInternal
VR_ShutdownInternal
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write

Sections

WUS0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WUS1
Size: 246KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6bCertificate

34:9b:bd:03:59:1e:35:d3:64:b8:5c:73:58:16:27:e5:b8:46:a1:89Signer

Signature Validations

Verification

02/02/2023, 17:54 Valid: false

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

WUS0 Size: - Virtual size: 452KB

WUS1 Size: 246KB - Virtual size: 248KB

.rsrc Size: 4KB - Virtual size: 8KB

2b:6c:4c:e9:a4:04:70:47:b2:b1:ad:41:05:1b:98:6b
Certificate

34:9b:bd:03:59:1e:35:d3:64:b8:5c:73:58:16:27:e5:b8:46:a1:89
Signer

02/02/2023, 17:54
Valid: false

WUS0
Size: - Virtual size: 452KB

WUS1
Size: 246KB - Virtual size: 248KB

.rsrc
Size: 4KB - Virtual size: 8KB