Static task
static1
General
Target: game.exe
Size: 16.2MB
MD5: 418e203a0ab9eb44e1f6d05030d46112
SHA1: 1d38590456f6fb6045596f8d65f180093088418b
SHA256: 244b9c332cefa4624badc4a7690c6b32c33e3df0b04fc69f9f8e4aba692b186b
SHA512: f9af1b466daee5448e4ffc2292708f5c0c7d18fcf862330f81c730564caab10e7aef98f462d6577b2e52e8f49fef51cb4abe71c7549647f5ff7e2d2aad85030a
SSDEEP: 393216:GQiamPNjHTAHSkAKz2Pdcuo1HAQXUo5o6JFJLHwvg3rUBhTpjdpXbyXg9nLZEQiL:sf0dXg9n1S/cXe
Malware Config
Signatures
Files
-
game.exe.exe windows x64
5b8b4f4c78cde6b26098b46fb2bef5c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
steam_api64
SteamAPI_Init
SteamAPI_RegisterCallback
SteamAPI_UnregisterCallback
SteamAPI_RunCallbacks
SteamAPI_GetHSteamUser
SteamAPI_Shutdown
SteamInternal_ContextInit
SteamInternal_FindOrCreateUserInterface
ws2_32
WSAGetLastError
WSACleanup
shutdown
getnameinfo
gethostname
socket
bind
setsockopt
listen
connect
ioctlsocket
htons
closesocket
sendto
recvfrom
send
recv
select
__WSAFDIsSet
getsockname
ntohs
freeaddrinfo
getaddrinfo
accept
WSAIoctl
getsockopt
getpeername
WSASetLastError
WSAStartup
wldap32 (functions imported by ordinal)
ord46
ord211
ord60
ord50
ord41
ord22
ord143
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord26
crypt32
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
kernel32
CreateThread
LoadLibraryExW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
SetConsoleCtrlHandler
SetFilePointerEx
GetACP
GetConsoleCP
HeapFree
GetModuleFileNameA
GetPrivateProfileIntA
WritePrivateProfileSectionA
GetCurrentDirectoryA
SetCurrentDirectoryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetThreadPriority
WaitForSingleObject
Sleep
FindNextFileA
FindClose
OutputDebugStringA
GetUserDefaultLCID
GetCommandLineW
FindFirstFileW
FindNextFileW
GetModuleHandleA
FormatMessageA
GetLastError
LocalFree
GlobalLock
GlobalUnlock
ExitProcess
CreateEventA
SetEvent
CloseHandle
QueryPerformanceFrequency
QueryPerformanceCounter
HeapAlloc
MultiByteToWideChar
WideCharToMultiByte
GetTickCount64
InitializeCriticalSectionEx
SleepEx
SetLastError
WaitForSingleObjectEx
ExpandEnvironmentStringsA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
FreeLibrary
GetProcAddress
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
GetEnvironmentVariableW
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FormatMessageW
WriteFile
GetModuleHandleW
SwitchToFiber
DeleteFiber
CreateFiber
GetSystemTime
SystemTimeToFileTime
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleExW
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
ExitThread
FreeLibraryAndExitThread
CreateFileW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
ResetEvent
CompareStringW
LCMapStringW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
CreateEventW
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetStringTypeW
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
FileTimeToSystemTime
GetProcessHeap
RtlUnwindEx
WriteConsoleW
SetEndOfFile
CreateProcessA
HeapSize
user32
DispatchMessageA
TranslateMessage
GetMessageA
GetWindowPlacement
SetWindowTextW
AdjustWindowRect
GetWindowLongA
SystemParametersInfoA
ScreenToClient
TrackMouseEvent
ReleaseCapture
SetCapture
GetProcessWindowStation
PeekMessageA
GetAsyncKeyState
UpdateWindow
SetWindowPos
GetWindowRect
SetWindowLongA
ShowCursor
GetClientRect
LoadIconA
GetClassInfoExA
DefWindowProcA
SetCursor
ShowWindow
DestroyWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
MessageBoxW
EnumDisplaySettingsA
GetMonitorInfoA
MessageBoxA
PostQuitMessage
GetUserObjectInformationW
advapi32
CryptGetProvParam
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptSetHashParam
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
shell32
DragQueryFileA
SHGetSpecialFolderPathA
ole32
OleInitialize
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CoUninitialize
CoCreateInstance
CoInitializeEx
OleUninitialize
d3d9
Direct3DCreate9
d3d11
D3D11CreateDevice
d3dcompiler_43
D3DReflect
D3DCompile
imm32
ImmGetContext
ImmSetCandidateWindow
ImmReleaseContext
ImmGetCompositionStringW
ImmAssociateContext
winmm
timeGetTime
dinput8
DirectInput8Create
xinput1_3 (functions imported by ordinal)
ord2
ord3
bcrypt
BCryptGenRandom
Sections
.text Size: 10.2MB - Virtual size: 10.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 600KB - Virtual size: 5.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 334KB - Virtual size: 333KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 212KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 246KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ