steam_api[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

steam_api.dll
Size

244KB
MD5

c928fbf1fa85c9fb3c87cc309efa136a
SHA1

e6933dc08e511a58fac46a4152ee68a98fe0e474
SHA256

ec402f5a35efec8192a5147dc0be9a7212bc6b3d2299cc9b6790dd14a2e8161f
SHA512

417b5da5362745dc68d1b3cd76e1cbe7e6fec2e980352dadd21b542cfca8da9adbcdad3acc5aeae4813fd39c03237b92316d17efe54a87ca60d7f795b9365d64
SSDEEP

6144:jHVtCirWZQFjcCDwTHtaibDKSNM1uBOPB1IMDxHGFenT:ZYirW6Fjbwoi/KSNMgzqmy

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

steam_api.dll
.dll windows x86

Code Sign

47:3d:2a:78:61:ad:04:bd:4c:92:c8:c2:df:e0:90:ad
Certificate

Issuer

CN=WUS!

Not Before

30/06/2014, 22:00

Not After

31/12/2087, 22:00

Subject

CN=WUS!

cb:fe:a1:fb:31:c5:96:fc:37:e6:90:7c:e3:d4:f4:3b:5d:4f:0a:e8
Signer

Actual PE Digest

cb:fe:a1:fb:31:c5:96:fc:37:e6:90:7c:e3:d4:f4:3b:5d:4f:0a:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
GetHSteamPipe
GetHSteamUser
OPENSSL_Applink
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_Init
SteamAPI_InitSafe
SteamAPI_IsSteamRunning
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_ReleaseCurrentThreadMemory
SteamAPI_RestartApp
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_SetBreakpadAppID
SteamAPI_SetMiniDumpComment
SteamAPI_SetTryCatchCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_UseBreakpadCrashHandler
SteamAPI_WriteMiniDump
SteamAppList
SteamApps
SteamClient
SteamContentServer
SteamContentServerUtils
SteamContentServer_Init
SteamContentServer_RunCallbacks
SteamContentServer_Shutdown
SteamController
SteamEncryptedAppTicket_BDecryptTicket
SteamEncryptedAppTicket_BIsTicketForApp
SteamEncryptedAppTicket_BUserIsVacBanned
SteamEncryptedAppTicket_BUserOwnsAppInTicket
SteamEncryptedAppTicket_GetTicketAppID
SteamEncryptedAppTicket_GetTicketIssueTime
SteamEncryptedAppTicket_GetTicketSteamID
SteamEncryptedAppTicket_GetUserVariableData
SteamFriends
SteamGameServer
SteamGameServerHTTP
SteamGameServerInventory
SteamGameServerNetworking
SteamGameServerStats
SteamGameServerUGC
SteamGameServerUtils
SteamGameServer_BSecure
SteamGameServer_GetHSteamPipe
SteamGameServer_GetHSteamUser
SteamGameServer_GetIPCCallCount
SteamGameServer_GetSteamID
SteamGameServer_Init
SteamGameServer_InitSafe
SteamGameServer_RunCallbacks
SteamGameServer_Shutdown
SteamHTMLSurface
SteamHTTP
SteamInventory
SteamMasterServerUpdater
SteamMatchmaking
SteamMatchmakingServers
SteamMusic
SteamMusicRemote
SteamNetworking
SteamNetworkingUpdater
SteamRemoteStorage
SteamScreenshots
SteamUGC
SteamUnifiedMessages
SteamUser
SteamUserStats
SteamUtils
SteamVideo
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_GetHSteamUserCurrent
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_RegisterInterfaceFuncs
Steam_ReleaseUser
Steam_RunCallbacks
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
VR_GetGenericInterface
VR_GetStringForHmdError
VR_Init
VR_IsHmdPresent
VR_Shutdown
g_pSteamClientGameServer

Sections

WUS0
Size: - Virtual size: 436KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WUS1
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

47:3d:2a:78:61:ad:04:bd:4c:92:c8:c2:df:e0:90:adCertificate

cb:fe:a1:fb:31:c5:96:fc:37:e6:90:7c:e3:d4:f4:3b:5d:4f:0a:e8Signer

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

WUS0 Size: - Virtual size: 436KB

WUS1 Size: 235KB - Virtual size: 236KB

.rsrc Size: 6KB - Virtual size: 8KB

47:3d:2a:78:61:ad:04:bd:4c:92:c8:c2:df:e0:90:ad
Certificate

cb:fe:a1:fb:31:c5:96:fc:37:e6:90:7c:e3:d4:f4:3b:5d:4f:0a:e8
Signer

WUS0
Size: - Virtual size: 436KB

WUS1
Size: 235KB - Virtual size: 236KB

.rsrc
Size: 6KB - Virtual size: 8KB