prototype2engine[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

prototype2engine.dll
Size

16.5MB
MD5

2776cf3fbbb7b59a2366208b79704464
SHA1

ccb7ae3a55c2cb010f19ba119c87b45903202e45
SHA256

98c615e17c90ce6c53682cbed311d912485aea2541ee303e4fb66634e2500b58
SHA512

12a5edee47264d162222acfca7188f9d34f2a2b277450e7df842db95907130fdb5acf778dc7906c2b3388682c57ee59aad49beb49a7cb5e06f945af45c9c58fb
SSDEEP

196608:QdlAo5/8iaq5t4ZiyWvx6CoIQ2m+DCQA1fL6fsx:9o5/Jz4MyixjAyDJA1fLF

Score

1^/10

Malware Config

Signatures

Files

prototype2engine.dll
.dll windows x86

e2b941bd7df569c6d8887033a50b0d4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddVectoredExceptionHandler
VirtualQuery
GetTimeZoneInformation
GetComputerNameA
GetSystemTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
RaiseException
GetSystemDirectoryW
GetWindowsDirectoryW
SetLastError
GetProcAddress
HeapSize
InterlockedExchange
HeapAlloc
GetCurrentThreadId
GetFullPathNameW
InterlockedCompareExchange
GetTickCount
GetLastError
GetModuleHandleA
lstrcmpiW
GetFileInformationByHandle
lstrlenW
OpenEventA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
GetStartupInfoW
GetCommandLineW
GetEnvironmentStringsW
GetCurrentDirectoryW
GetConsoleWindow
FindResourceW
SizeofResource
LoadResource
LockResource
UnmapViewOfFile
GetModuleFileNameW
ExitProcess
RemoveVectoredExceptionHandler
UnhandledExceptionFilter
OpenFile
MoveFileA
GlobalMemoryStatusEx
CreateFileW
ReleaseMutex
DeleteFileA
RemoveDirectoryA
CreateDirectoryA
FindNextFileA
FindFirstFileA
SetEndOfFile
WriteFile
SetFilePointerEx
ReadFile
FlushFileBuffers
CreateFileA
GetFileSizeEx
GetDriveTypeA
GetFullPathNameA
GetDiskFreeSpaceExA
FindClose
GetCurrentDirectoryA
ReadProcessMemory
TerminateProcess
SetUnhandledExceptionFilter
DebugBreak
InterlockedIncrement
GetModuleFileNameA
SetCurrentDirectoryA
GetLogicalDrives
GetVolumeInformationA
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
GetModuleHandleExA
FreeLibrary
Module32Next
GetACP
CreateFiber
TlsFree
TlsAlloc
SetThreadAffinityMask
GetCurrentThread
SwitchToFiber
DeleteFiber
TlsGetValue
ResumeThread
SetThreadPriority
TlsSetValue
ConvertThreadToFiber
ExitThread
GetVersionExA
ConvertFiberToThread
CreateMutexA
GetCurrentProcess
GetProcessAffinityMask
InterlockedDecrement
MultiByteToWideChar
GetLocalTime
CreateThread
Sleep
GetExitCodeThread
TerminateThread
SetEvent
ResetEvent
CreateEventA
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
IsDebuggerPresent
SetErrorMode
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
HeapFree
CloseHandle
GetSystemDefaultLangID
GetProcessHeap

user32

SetWindowLongA
MessageBoxW
MapVirtualKeyExA
GetKeyboardLayout
GetClientRect
DispatchMessageA
ShowCursor
GetSystemMetrics
TranslateMessage
MessageBoxA
ShowWindow
PeekMessageA
CallWindowProcA
CharLowerBuffA
wsprintfA
DestroyWindow
GetWindowLongA

advapi32

CryptReleaseContext
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
CryptGenRandom
CryptAcquireContextA
RegCloseKey
GetUserNameA
RegEnumKeyA
RegOpenKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

shell32

SHGetFolderPathA

steam_api

SteamFriends
SteamAPI_RunCallbacks
SteamAPI_WriteMiniDump
SteamAPI_RestartAppIfNecessary
SteamAPI_Shutdown
SteamAPI_UnregisterCallback
SteamApps
SteamAPI_RegisterCallback
SteamUserStats
SteamAPI_Init
SteamUser

d3d9

Direct3DCreate9

msvcr90

ispunct
islower
wcsrtombs_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
_HUGE
_CItanh
_CIsinh
_CIcosh
ldexp
frexp
fgets
_CxxThrowException
_purecall
memcpy
atoi
memset
memmove
_CIacos
ceil
floor
qsort
_CIasin
_isnan
_exit
isupper
toupper
strchr
_CIpow
strncmp
modf
memmove_s
rand
_CIfmod
abort
strcat_s
strstr
sscanf_s
strcpy_s
_wcsicoll
wcscoll
strtoul
strspn
strcspn
atof
isdigit
strncpy_s
strtol
strpbrk
strrchr
_vsnprintf_s
_stricmp
wcscpy_s
wcsncpy_s
strtod
localeconv
_strtoui64
_controlfp_s
isspace
_ftime64
iscntrl
strcoll
strncat
longjmp
exit
_setjmp3
memcmp
tolower
printf
vfprintf
_vscprintf
memchr
strcmp
strlen
__CxxFrameHandler3
_strupr
_strlwr
isalpha
isalnum
_aligned_free
_aligned_realloc
_aligned_malloc
_set_printf_count_output
_set_purecall_handler
_splitpath_s
_makepath_s
malloc
sscanf
swscanf
wcsstr
fputs
fputc
_vsnprintf
strncpy
sprintf
fprintf
free
__iob_func
getc
fopen
ungetc
ferror
strerror
feof
_wstat64
fclose
fseek
fread
fflush
fwrite
ftell
_wfopen_s
rewind
_errno
isxdigit
_itoa_s

ws2_32

getsockname
__WSAFDIsSet
recv
send
connect
ntohl
gethostbyname
recvfrom
ntohs
sendto
htons
bind
getpeername
WSAGetLastError
closesocket
socket
setsockopt
select
ioctlsocket
inet_ntoa
inet_addr
WSAStartup

dbghelp

SymGetModuleBase64
SymFunctionTableAccess64
StackWalk64

iphlpapi

GetAdaptersInfo
GetIfEntry
GetIpAddrTable

winmm

timeGetTime

binkw32

_RADTimerRead@0
_BinkSetMemory@8
_BinkSetSoundSystem@8
_BinkSetIO@4
_BinkSetSoundTrack@8
_BinkOpen@8
_BinkGetFrameBuffersInfo@8
_BinkRegisterFrameBuffers@8
_BinkPause@8
_BinkWait@4
_BinkDoFrame@4
_BinkShouldSkip@4
_BinkNextFrame@4
_BinkClose@4
_BinkSetSpeakerVolumes@20
_BinkSetVolume@12

xinput1_3

ord2
ord4
ord3

ole32

CoUninitialize
CLSIDFromString
CoInitialize
CoCreateInstance
CoSetProxyBlanket

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocStringLen
SysAllocString

Exports

Exports

EngineInitialize
EngineKeyboardService
EngineMouseService
EngineService
EngineTerminate
EngineWindowFocus

Sections

.text
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.version
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2b941bd7df569c6d8887033a50b0d4e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

steam_api

d3d9

msvcr90

ws2_32

dbghelp

iphlpapi

winmm

binkw32

xinput1_3

ole32

oleaut32

Exports

Exports

Sections

.text Size: 10.3MB - Virtual size: 10.3MB

.rdata Size: 3.5MB - Virtual size: 3.5MB

.data Size: 1.7MB - Virtual size: 2.3MB

.version Size: 512B - Virtual size: 4B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 10.3MB - Virtual size: 10.3MB

.rdata
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 1.7MB - Virtual size: 2.3MB

.version
Size: 512B - Virtual size: 4B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB