Dwarf Fortress[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Dwarf Fortress.exe
Size

19.8MB
MD5

506b007a71220a9dac1e1a44fbf14dd5
SHA1

96e6e6d0123667554d1e4a600655b2e0e8d4d00c
SHA256

55088a75deea81fd34f50fb6d693afa14bc3199a2bf771087b99d7551a490382
SHA512

416f95c64603563a0e8b3fb4f389f1e39be1409bbdf5e9581859bde7a830eb2901c0f94b2d0d020724dee0e7faf2a206455017348ea1ace11d980df695b9ddc2
SSDEEP

196608:IBvY3efYbSR59Gu2wOfm1SmJsdahXCk5/wNvdBzEDxDR:IBvscmux7SmJHhXCXzu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Dwarf Fortress.exe

Files

Dwarf Fortress.exe
.exe windows x64

144012ba818427f32ebb211cebab03b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

steam_api64

SteamAPI_GetHSteamUser
SteamAPI_Init
SteamAPI_Shutdown
SteamAPI_RunCallbacks
SteamInternal_FindOrCreateUserInterface
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamInternal_ContextInit

fmod

?setPosition@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@II@Z
?stop@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?setPaused@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?setVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAM@Z
?isPlaying@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEA_N@Z
?setPan@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?release@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?release@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?init@System@FMOD@@QEAA?AW4FMOD_RESULT@@HIPEAX@Z
?close@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?update@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
FMOD_System_Create
?setPriority@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z
?setStreamBufferSize@System@FMOD@@QEAA?AW4FMOD_RESULT@@II@Z
?createSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
?createStream@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
?playSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAVSound@2@PEAVChannelGroup@2@_NPEAPEAVChannel@2@@Z

sdl

SDL_CreateRGBSurfaceFrom
SDL_SaveBMP_RW
SDL_EnableUNICODE
SDL_CreateSemaphore
SDL_FillRect
SDL_CreateThread
SDL_CreateRGBSurface
SDL_SetVideoMode
SDL_GetTicks
SDL_MapRGB
SDL_PollEvent
SDL_Flip
SDL_GetVideoInfo
SDL_ThreadID
SDL_DestroySemaphore
SDL_DisplayFormat
SDL_GetMouseState
SDL_ShowCursor
SDL_Delay
SDL_Quit
SDL_WM_SetCaption
SDL_GetError
SDL_NumJoysticks
SDL_GetVideoSurface
SDL_WM_SetIcon
SDL_Init
SDL_EnableKeyRepeat
SDL_SemTryWait
SDL_GetAppState
SDL_SetAlpha
SDL_FreeSurface
SDL_LockSurface
SDL_UpperBlit
SDL_UnlockSurface
SDL_ListModes
SDL_GetRGBA
SDL_ConvertSurface
SDL_getenv
SDL_DisplayFormatAlpha
SDL_SetColorKey
SDL_RWFromFile
SDL_strlcpy
SDL_strlcat
SDL_SetModuleHandle
SDL_SemPost
SDL_InitSubSystem
SDL_SemWait

sdl_image

IMG_Load

winmm

timeBeginPeriod
timeEndPeriod

kernel32

GetTickCount64
InitOnceComplete
InitOnceBeginInitialize
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleHandleA
GetModuleFileNameA
GetCommandLineA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
SetEvent
ResetEvent
GetFileTime
DosDateTimeToFileTime
CloseHandle
CreateFileA
LocalFileTimeToFileTime
SetFileTime
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
RemoveDirectoryA
GetTickCount
CreateDirectoryA

user32

MessageBoxA

msvcp140

?_Xbad_function_call@std@@YAXXZ
_Cnd_init_in_situ
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_unregister_at_thread_exit
??0task_continuation_context@Concurrency@@AEAA@XZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_IsCurrentOriginSTA@_ContextCallback@details@Concurrency@@CA_NXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Throw_C_error@std@@YAXH@Z
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_register_at_thread_exit
_Cnd_wait
_Mtx_unlock
_Cnd_broadcast
_Cnd_destroy_in_situ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??Bios_base@std@@QEBA_NXZ

opengl32

glDeleteTextures
glTexParameteri
glTexEnvi
glEnable
glGenTextures
glTexSubImage2D
glPixelStorei
glBindTexture
glGetTexLevelParameteriv
glTexImage2D

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__std_terminate
_purecall
__current_exception
__current_exception_context
__C_specific_handler
_CxxThrowException
memset
memmove
memcpy
memcmp
__std_exception_destroy
memchr
strrchr

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

abort
exit
_c_exit
terminate
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_errno
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_get_pgmptr
_invalid_parameter_noinfo_noreturn
_register_thread_local_exe_atexit_callback

api-ms-win-crt-stdio-l1-1-0

fopen
__p__commode
fflush
__stdio_common_vsprintf
__stdio_common_vfprintf
_set_fmode
fclose
puts
setbuf
freopen
__acrt_iob_func
_ftelli64
ferror
fgetc
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
fwrite
fputc

api-ms-win-crt-filesystem-l1-1-0

remove
_unlink
rename
_unlock_file
_lock_file

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-string-l1-1-0

isspace
isgraph

api-ms-win-crt-convert-l1-1-0

_itoa
atoi
strtoull
strtoul

api-ms-win-crt-math-l1-1-0

pow
sin
__setusermatherr
cos
atan2
sqrtf
sqrt

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 17.1MB - Virtual size: 17.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 13.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

144012ba818427f32ebb211cebab03b1

Headers

DLL Characteristics

File Characteristics

Imports

steam_api64

fmod

sdl

sdl_image

winmm

kernel32

user32

msvcp140

opengl32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 17.1MB - Virtual size: 17.1MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 274KB - Virtual size: 13.8MB

.pdata Size: 250KB - Virtual size: 250KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 85KB - Virtual size: 84KB

.text
Size: 17.1MB - Virtual size: 17.1MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 274KB - Virtual size: 13.8MB

.pdata
Size: 250KB - Virtual size: 250KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 85KB - Virtual size: 84KB