9529d82ed77bafb866bdb81b90b62436c6d36a2c3d6d26524f9ca847775c879a

Sharing

Copy URL Twitter E-mail

General

Target

9529d82ed77bafb866bdb81b90b62436c6d36a2c3d6d26524f9ca847775c879a
Size

1.0MB
MD5

8d2b604a36d9dd5a10d684927eccdea1
SHA1

e5f6760652af6af4ef05c753123fd880ba50cb25
SHA256

9529d82ed77bafb866bdb81b90b62436c6d36a2c3d6d26524f9ca847775c879a
SHA512

c2038b2c5e036ce075377889a04ab02a5fffdd26b4cbf4c1d680d0ea999ed02f32981a9cd94109e952a690a2e4d0bb02c4852ceb833bc20a26c38ec152d6a61f
SSDEEP

24576:uiqua8tMpAErTXw4bLmDjjaVNjs+rhAe0plbDGP:v28tMpAvELmGVbAjbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9529d82ed77bafb866bdb81b90b62436c6d36a2c3d6d26524f9ca847775c879a

Files

9529d82ed77bafb866bdb81b90b62436c6d36a2c3d6d26524f9ca847775c879a
.exe windows x86

70202401f4ce2f83c69aa630075f7d5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

steam_api

SteamAPI_RegisterCallback
SteamAPI_UnregisterCallback
SteamAPI_RunCallbacks
SteamAPI_RestartAppIfNecessary
SteamAPI_Init
SteamAPI_GetHSteamUser
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamInternal_CreateInterface

kernel32

QueryPerformanceCounter
CloseHandle
CreateFileA
DeleteFileA
GetStringTypeW
WriteConsoleW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
ReadFile
GetTimeZoneInformation
SetFilePointer
SetHandleCount
HeapCreate
GetCurrentDirectoryW
GetFileType
PeekNamedPipe
GetFileInformationByHandle
HeapSize
GetModuleFileNameW
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
GetProcAddress
GetDriveTypeA
GetUserDefaultLCID
CreateMutexA
GetLastError
ReleaseMutex
GetModuleHandleA
TlsFree
TlsSetValue
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
Sleep
TlsGetValue
TlsAlloc
LoadLibraryW
GetTickCount
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CreateFileW
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
CreateThread
ResumeThread
ExitThread
HeapReAlloc
GetProcessHeap
SetEndOfFile
GetStartupInfoW
HeapSetInformation
GetFileAttributesA
FindClose
GetCurrentDirectoryA
CreateDirectoryA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetDriveTypeW
GetFullPathNameA
GetSystemTimeAsFileTime
HeapFree
GetLocalTime
HeapAlloc
RaiseException
GetCommandLineA

user32

TranslateMessage
PeekMessageA
PostQuitMessage
DefWindowProcA
DestroyWindow
EndPaint
DrawTextA
GetClientRect
DispatchMessageA
LoadCursorA
MoveWindow
ClientToScreen
GetDesktopWindow
ReleaseDC
GetDC
ChangeDisplaySettingsA
GetInputState
GetAsyncKeyState
ShowCursor
GetSystemMetrics
MessageBoxA
BeginPaint
GetWindowLongA
SetWindowLongA
GetCursorPos
ScreenToClient
InvalidateRect
RegisterClassExA
CreateWindowExA
CreateWindowExW
SendMessageA
ShowWindow
UpdateWindow
GetMessageA
LoadIconA
wsprintfA
GetWindowRect

gdi32

DeleteObject
CreateDIBSection
DeleteDC
GetCurrentObject
SetTextColor
SetBkMode
Rectangle
CreateSolidBrush
CreatePen
CreateCompatibleDC
BitBlt
CreateFontA
SelectObject
GetStockObject

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

dsound

ord1

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

ws2_32

getaddrinfo
socket
connect
freeaddrinfo
ioctlsocket
recv
closesocket
send

winmm

mciSendStringA
timeGetTime
mmioClose
mmioAscend
mmioRead
mmioDescend
mmioOpenA
mmioSeek
mmioSetInfo
mmioAdvance
mmioGetInfo

ddraw

DirectDrawCreate

Sections

.text
Size: 831KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70202401f4ce2f83c69aa630075f7d5f

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

kernel32

user32

gdi32

shell32

ole32

dsound

wininet

ws2_32

winmm

ddraw

Sections

.text Size: 831KB - Virtual size: 831KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 29KB - Virtual size: 1.7MB

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 64KB - Virtual size: 64KB

.text
Size: 831KB - Virtual size: 831KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 29KB - Virtual size: 1.7MB

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 64KB - Virtual size: 64KB