csgo-x86[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

csgo-x86.dll
Size

2.6MB
MD5

abcd5c92f0245565c4c5372d03fbbda2
SHA1

023c68eaaad5cb8433554b5af4893bff70cc1ef5
SHA256

958170fd316264dda536688ff8c282ff44a464a06118d7b6227de25e69c3a21d
SHA512

0c2a030d9ba0187bab65906dca989690e6924293ce407acb8d01e040b65913f7d8f547f9f6ba29349e84ab7cf03160cf7dae9d79fbe7cf05e6a1e8ac18cde65a
SSDEEP

49152:gjpY4E6zD0cxGl83cPb/UQGLQtLPW+S1kY1Ykbtr:gji4E6zYcIl88/eATW+SmY1YEt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
csgo-x86.dll

Files

csgo-x86.dll
.dll windows x86

f5220679cfc13dcb1660eab48fb2a133

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_vsnprintf_s
_purecall
__libm_sse2_tanf
__libm_sse2_acosf
strtol
qsort
strrchr
strlen
__libm_sse2_pow
__p__fmode
_ftol2
ldexp
fmod
atan2
tanh
cosh
sinh
atan
acos
asin
tan
cos
sin
exp
log10
log
pow
fgets
__libm_sse2_log
strtoul
putchar
fwrite
fread
fopen
ferror
feof
fclose
fputs
fputc
fflush
strerror
__DestructExceptionObject
exit
_endthread
_beginthread
strchr
_wcsicmp
wcsrchr
realloc
tolower
sscanf
sprintf
malloc
free
__libm_sse2_logf
__libm_sse2_tan
_stricmp
strncpy
strstr
strncmp
__libm_sse2_expf
__libm_sse2_atanf
memchr
__libm_sse2_asinf
atof
ceil
_ftol2_sse
__libm_sse2_sin
atoi
_CIfmod
__libm_sse2_powf
memset
memmove
memcpy
__libm_sse2_sinf
__libm_sse2_cosf

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc
IsBadReadPtr
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
RtlCaptureContext
CreateDirectoryW
QueryPerformanceCounter
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetModuleHandleExA
GlobalFree
CreateFileW
DeleteFileW
FindClose
GetCurrentProcessId
FindFirstFileW
FindNextFileW
GetFileSize
WriteFile
MoveFileW
RtlUnwind
SetLastError
GetLastError
GetTickCount64
Sleep
QueryPerformanceFrequency
FormatMessageA
ReadFile
CloseHandle

user32

GetCursorPos
SetWindowLongW
GetRawInputData
GetForegroundWindow
GetWindowLongW
ScreenToClient
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowThreadProcessId
MessageBoxA
IsIconic
GetWindowTextW
GetClientRect
EnumWindows
CallWindowProcW
IsClipboardFormatAvailable
GetClassNameW

gdi32

SetTextColor
RemoveFontMemResourceEx
CreateCompatibleDC
CreateFontA
DeleteDC
DeleteObject
GetGlyphOutlineW
GetTextExtentPoint32W
GetFontUnicodeRanges
SelectObject
SetBkColor
SetMapMode
SetTextAlign
CreateDIBSection
ExtTextOutW
AddFontMemResourceEx

shell32

ShellExecuteW

ntdll

NtProtectVirtualMemory
NtFreeVirtualMemory
NtDelayExecution
NtQueryInformationProcess
NtQueryVirtualMemory
NtAllocateVirtualMemory
NtTerminateProcess

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.prot3
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.prot2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.prot0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.prot1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ldr
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5220679cfc13dcb1660eab48fb2a133

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shell32

ntdll

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.init Size: 128KB - Virtual size: 127KB

.prot3 Size: 65KB - Virtual size: 65KB

.prot2 Size: 3KB - Virtual size: 2KB

.prot0 Size: 4KB - Virtual size: 3KB

.prot1 Size: 2KB - Virtual size: 1KB

.rdata Size: 828KB - Virtual size: 827KB

.data Size: 13KB - Virtual size: 15KB

.ldr Size: 1KB - Virtual size: 1KB

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.init
Size: 128KB - Virtual size: 127KB

.prot3
Size: 65KB - Virtual size: 65KB

.prot2
Size: 3KB - Virtual size: 2KB

.prot0
Size: 4KB - Virtual size: 3KB

.prot1
Size: 2KB - Virtual size: 1KB

.rdata
Size: 828KB - Virtual size: 827KB

.data
Size: 13KB - Virtual size: 15KB

.ldr
Size: 1KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 40KB