GangFixOnly[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

GangFixOnly.rar
Size

4.1MB
MD5

8dc716b9662f856447c08ae41aa8b678
SHA1

c3cd52e0304d2148fda632ae54226c579102e175
SHA256

d72bf7839149a421b4e976409c0a4e4d4dc2b1a85791af63b0cd8311a8639b0f
SHA512

25a0190c0aaf90088721e400820304a97a50c679e97a560ce4c78dd4f31b39345094fdb33d3019329132f7e3bbadb06e0cc046f2d9679bb9cd66fc5a0a988376
SSDEEP

98304:qrVwD9mJsBXGT1Z8LxJposYu7CL9kxHo2AdGV//1M3DRJ9WAUqUPHj8:qrVGmJsBXyz85osYEmqxvVni3DRJ9WR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GangFixOnly/OnlineFix64.dll

Files

GangFixOnly.rar
.rar
GangFixOnly/Gang Beasts_Data/Plugins/x86_64/steam_api64.dll
.dll windows x64

289b2254a2c1e14995dd9995d1686fdb

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/10/2018, 00:00

Not After

07/10/2021, 12:00

Subject

CN=Valve,O=Valve,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:bb:a5:eb:15:cd:a4:5a:5c:45:46:ac:72:dc:6d:83:3c:46:36:3e
Signer

Actual PE Digest

11:bb:a5:eb:15:cd:a4:5a:5c:45:46:ac:72:dc:6d:83:3c:46:36:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
OpenProcess
GetExitCodeProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetCommandLineW
GetEnvironmentVariableA
SetEnvironmentVariableA
OutputDebugStringA
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FreeLibrary
CloseHandle
GetProcAddress
SetEndOfFile
ReadConsoleW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CreateFileW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
ReadFile

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_ISteamAppList_GetAppBuildId
SteamAPI_ISteamAppList_GetAppInstallDir
SteamAPI_ISteamAppList_GetAppName
SteamAPI_ISteamAppList_GetInstalledApps
SteamAPI_ISteamAppList_GetNumInstalledApps
SteamAPI_ISteamApps_BGetDLCDataByIndex
SteamAPI_ISteamApps_BIsAppInstalled
SteamAPI_ISteamApps_BIsCybercafe
SteamAPI_ISteamApps_BIsDlcInstalled
SteamAPI_ISteamApps_BIsLowViolence
SteamAPI_ISteamApps_BIsSubscribed
SteamAPI_ISteamApps_BIsSubscribedApp
SteamAPI_ISteamApps_BIsSubscribedFromFamilySharing
SteamAPI_ISteamApps_BIsSubscribedFromFreeWeekend
SteamAPI_ISteamApps_BIsTimedTrial
SteamAPI_ISteamApps_BIsVACBanned
SteamAPI_ISteamApps_GetAppBuildId
SteamAPI_ISteamApps_GetAppInstallDir
SteamAPI_ISteamApps_GetAppOwner
SteamAPI_ISteamApps_GetAvailableGameLanguages
SteamAPI_ISteamApps_GetCurrentBetaName
SteamAPI_ISteamApps_GetCurrentGameLanguage
SteamAPI_ISteamApps_GetDLCCount
SteamAPI_ISteamApps_GetDlcDownloadProgress
SteamAPI_ISteamApps_GetEarliestPurchaseUnixTime
SteamAPI_ISteamApps_GetFileDetails
SteamAPI_ISteamApps_GetInstalledDepots
SteamAPI_ISteamApps_GetLaunchCommandLine
SteamAPI_ISteamApps_GetLaunchQueryParam
SteamAPI_ISteamApps_InstallDLC
SteamAPI_ISteamApps_MarkContentCorrupt
SteamAPI_ISteamApps_RequestAllProofOfPurchaseKeys
SteamAPI_ISteamApps_RequestAppProofOfPurchaseKey
SteamAPI_ISteamApps_UninstallDLC
SteamAPI_ISteamClient_BReleaseSteamPipe
SteamAPI_ISteamClient_BShutdownIfAllPipesClosed
SteamAPI_ISteamClient_ConnectToGlobalUser
SteamAPI_ISteamClient_CreateLocalUser
SteamAPI_ISteamClient_CreateSteamPipe
SteamAPI_ISteamClient_GetIPCCallCount
SteamAPI_ISteamClient_GetISteamAppList
SteamAPI_ISteamClient_GetISteamApps
SteamAPI_ISteamClient_GetISteamController
SteamAPI_ISteamClient_GetISteamFriends
SteamAPI_ISteamClient_GetISteamGameSearch
SteamAPI_ISteamClient_GetISteamGameServer
SteamAPI_ISteamClient_GetISteamGameServerStats
SteamAPI_ISteamClient_GetISteamGenericInterface
SteamAPI_ISteamClient_GetISteamHTMLSurface
SteamAPI_ISteamClient_GetISteamHTTP
SteamAPI_ISteamClient_GetISteamInput
SteamAPI_ISteamClient_GetISteamInventory
SteamAPI_ISteamClient_GetISteamMatchmaking
SteamAPI_ISteamClient_GetISteamMatchmakingServers
SteamAPI_ISteamClient_GetISteamMusic
SteamAPI_ISteamClient_GetISteamMusicRemote
SteamAPI_ISteamClient_GetISteamNetworking
SteamAPI_ISteamClient_GetISteamParentalSettings
SteamAPI_ISteamClient_GetISteamParties
SteamAPI_ISteamClient_GetISteamRemotePlay
SteamAPI_ISteamClient_GetISteamRemoteStorage
SteamAPI_ISteamClient_GetISteamScreenshots
SteamAPI_ISteamClient_GetISteamUGC
SteamAPI_ISteamClient_GetISteamUser
SteamAPI_ISteamClient_GetISteamUserStats
SteamAPI_ISteamClient_GetISteamUtils
SteamAPI_ISteamClient_GetISteamVideo
SteamAPI_ISteamClient_ReleaseUser
SteamAPI_ISteamClient_SetLocalIPBinding
SteamAPI_ISteamClient_SetWarningMessageHook
SteamAPI_ISteamController_ActivateActionSet
SteamAPI_ISteamController_ActivateActionSetLayer
SteamAPI_ISteamController_DeactivateActionSetLayer
SteamAPI_ISteamController_DeactivateAllActionSetLayers
SteamAPI_ISteamController_GetActionOriginFromXboxOrigin
SteamAPI_ISteamController_GetActionSetHandle
SteamAPI_ISteamController_GetActiveActionSetLayers
SteamAPI_ISteamController_GetAnalogActionData
SteamAPI_ISteamController_GetAnalogActionHandle
SteamAPI_ISteamController_GetAnalogActionOrigins
SteamAPI_ISteamController_GetConnectedControllers
SteamAPI_ISteamController_GetControllerBindingRevision
SteamAPI_ISteamController_GetControllerForGamepadIndex
SteamAPI_ISteamController_GetCurrentActionSet
SteamAPI_ISteamController_GetDigitalActionData
SteamAPI_ISteamController_GetDigitalActionHandle
SteamAPI_ISteamController_GetDigitalActionOrigins
SteamAPI_ISteamController_GetGamepadIndexForController
SteamAPI_ISteamController_GetGlyphForActionOrigin
SteamAPI_ISteamController_GetGlyphForXboxOrigin
SteamAPI_ISteamController_GetInputTypeForHandle
SteamAPI_ISteamController_GetMotionData
SteamAPI_ISteamController_GetStringForActionOrigin
SteamAPI_ISteamController_GetStringForXboxOrigin
SteamAPI_ISteamController_Init
SteamAPI_ISteamController_RunFrame
SteamAPI_ISteamController_SetLEDColor
SteamAPI_ISteamController_ShowBindingPanel
SteamAPI_ISteamController_Shutdown
SteamAPI_ISteamController_StopAnalogActionMomentum
SteamAPI_ISteamController_TranslateActionOrigin
SteamAPI_ISteamController_TriggerHapticPulse
SteamAPI_ISteamController_TriggerRepeatedHapticPulse
SteamAPI_ISteamController_TriggerVibration
SteamAPI_ISteamFriends_ActivateGameOverlay
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialogConnectString
SteamAPI_ISteamFriends_ActivateGameOverlayRemotePlayTogetherInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayToStore
SteamAPI_ISteamFriends_ActivateGameOverlayToUser
SteamAPI_ISteamFriends_ActivateGameOverlayToWebPage
SteamAPI_ISteamFriends_ClearRichPresence
SteamAPI_ISteamFriends_CloseClanChatWindowInSteam
SteamAPI_ISteamFriends_DownloadClanActivityCounts
SteamAPI_ISteamFriends_EnumerateFollowingList
SteamAPI_ISteamFriends_GetChatMemberByIndex
SteamAPI_ISteamFriends_GetClanActivityCounts
SteamAPI_ISteamFriends_GetClanByIndex
SteamAPI_ISteamFriends_GetClanChatMemberCount
SteamAPI_ISteamFriends_GetClanChatMessage
SteamAPI_ISteamFriends_GetClanCount
SteamAPI_ISteamFriends_GetClanName
SteamAPI_ISteamFriends_GetClanOfficerByIndex
SteamAPI_ISteamFriends_GetClanOfficerCount
SteamAPI_ISteamFriends_GetClanOwner
SteamAPI_ISteamFriends_GetClanTag
SteamAPI_ISteamFriends_GetCoplayFriend
SteamAPI_ISteamFriends_GetCoplayFriendCount
SteamAPI_ISteamFriends_GetFollowerCount
SteamAPI_ISteamFriends_GetFriendByIndex
SteamAPI_ISteamFriends_GetFriendCoplayGame
SteamAPI_ISteamFriends_GetFriendCoplayTime
SteamAPI_ISteamFriends_GetFriendCount
SteamAPI_ISteamFriends_GetFriendCountFromSource
SteamAPI_ISteamFriends_GetFriendFromSourceByIndex
SteamAPI_ISteamFriends_GetFriendGamePlayed
SteamAPI_ISteamFriends_GetFriendMessage
SteamAPI_ISteamFriends_GetFriendPersonaName
SteamAPI_ISteamFriends_GetFriendPersonaNameHistory
SteamAPI_ISteamFriends_GetFriendPersonaState
SteamAPI_ISteamFriends_GetFriendRelationship
SteamAPI_ISteamFriends_GetFriendRichPresence
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyByIndex
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyCount
SteamAPI_ISteamFriends_GetFriendSteamLevel
SteamAPI_ISteamFriends_GetFriendsGroupCount
SteamAPI_ISteamFriends_GetFriendsGroupIDByIndex
SteamAPI_ISteamFriends_GetFriendsGroupMembersCount
SteamAPI_ISteamFriends_GetFriendsGroupMembersList
SteamAPI_ISteamFriends_GetFriendsGroupName
SteamAPI_ISteamFriends_GetLargeFriendAvatar
SteamAPI_ISteamFriends_GetMediumFriendAvatar
SteamAPI_ISteamFriends_GetNumChatsWithUnreadPriorityMessages
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_ISteamFriends_GetPersonaState
SteamAPI_ISteamFriends_GetPlayerNickname
SteamAPI_ISteamFriends_GetSmallFriendAvatar
SteamAPI_ISteamFriends_GetUserRestrictions
SteamAPI_ISteamFriends_HasFriend
SteamAPI_ISteamFriends_InviteUserToGame
SteamAPI_ISteamFriends_IsClanChatAdmin
SteamAPI_ISteamFriends_IsClanChatWindowOpenInSteam
SteamAPI_ISteamFriends_IsClanOfficialGameGroup
SteamAPI_ISteamFriends_IsClanPublic
SteamAPI_ISteamFriends_IsFollowing
SteamAPI_ISteamFriends_IsUserInSource
SteamAPI_ISteamFriends_JoinClanChatRoom
SteamAPI_ISteamFriends_LeaveClanChatRoom
SteamAPI_ISteamFriends_OpenClanChatWindowInSteam
SteamAPI_ISteamFriends_RegisterProtocolInOverlayBrowser
SteamAPI_ISteamFriends_ReplyToFriendMessage
SteamAPI_ISteamFriends_RequestClanOfficerList
SteamAPI_ISteamFriends_RequestFriendRichPresence
SteamAPI_ISteamFriends_RequestUserInformation
SteamAPI_ISteamFriends_SendClanChatMessage
SteamAPI_ISteamFriends_SetInGameVoiceSpeaking
SteamAPI_ISteamFriends_SetListenForFriendsMessages
SteamAPI_ISteamFriends_SetPersonaName
SteamAPI_ISteamFriends_SetPlayedWith
SteamAPI_ISteamFriends_SetRichPresence
SteamAPI_ISteamGameSearch_AcceptGame
SteamAPI_ISteamGameSearch_AddGameSearchParams
SteamAPI_ISteamGameSearch_CancelRequestPlayersForGame
SteamAPI_ISteamGameSearch_DeclineGame
SteamAPI_ISteamGameSearch_EndGame
SteamAPI_ISteamGameSearch_EndGameSearch
SteamAPI_ISteamGameSearch_HostConfirmGameStart
SteamAPI_ISteamGameSearch_RequestPlayersForGame
SteamAPI_ISteamGameSearch_RetrieveConnectionDetails
SteamAPI_ISteamGameSearch_SearchForGameSolo
SteamAPI_ISteamGameSearch_SearchForGameWithLobby
SteamAPI_ISteamGameSearch_SetConnectionDetails
SteamAPI_ISteamGameSearch_SetGameHostParams
SteamAPI_ISteamGameSearch_SubmitPlayerResult
SteamAPI_ISteamGameServerStats_ClearUserAchievement
SteamAPI_ISteamGameServerStats_GetUserAchievement
SteamAPI_ISteamGameServerStats_GetUserStatFloat
SteamAPI_ISteamGameServerStats_GetUserStatInt32
SteamAPI_ISteamGameServerStats_RequestUserStats
SteamAPI_ISteamGameServerStats_SetUserAchievement
SteamAPI_ISteamGameServerStats_SetUserStatFloat
SteamAPI_ISteamGameServerStats_SetUserStatInt32
SteamAPI_ISteamGameServerStats_StoreUserStats
SteamAPI_ISteamGameServerStats_UpdateUserAvgRateStat
SteamAPI_ISteamGameServer_AssociateWithClan
SteamAPI_ISteamGameServer_BLoggedOn
SteamAPI_ISteamGameServer_BSecure
SteamAPI_ISteamGameServer_BUpdateUserData
SteamAPI_ISteamGameServer_BeginAuthSession
SteamAPI_ISteamGameServer_CancelAuthTicket
SteamAPI_ISteamGameServer_ClearAllKeyValues
SteamAPI_ISteamGameServer_ComputeNewPlayerCompatibility
SteamAPI_ISteamGameServer_CreateUnauthenticatedUserConnection
SteamAPI_ISteamGameServer_EnableHeartbeats
SteamAPI_ISteamGameServer_EndAuthSession
SteamAPI_ISteamGameServer_ForceHeartbeat
SteamAPI_ISteamGameServer_GetAuthSessionTicket
SteamAPI_ISteamGameServer_GetGameplayStats
SteamAPI_ISteamGameServer_GetNextOutgoingPacket
SteamAPI_ISteamGameServer_GetPublicIP
SteamAPI_ISteamGameServer_GetServerReputation
SteamAPI_ISteamGameServer_GetSteamID
SteamAPI_ISteamGameServer_HandleIncomingPacket
SteamAPI_ISteamGameServer_LogOff
SteamAPI_ISteamGameServer_LogOn
SteamAPI_ISteamGameServer_LogOnAnonymous
SteamAPI_ISteamGameServer_RequestUserGroupStatus
SteamAPI_ISteamGameServer_SendUserConnectAndAuthenticate
SteamAPI_ISteamGameServer_SendUserDisconnect
SteamAPI_ISteamGameServer_SetBotPlayerCount
SteamAPI_ISteamGameServer_SetDedicatedServer
SteamAPI_ISteamGameServer_SetGameData
SteamAPI_ISteamGameServer_SetGameDescription
SteamAPI_ISteamGameServer_SetGameTags
SteamAPI_ISteamGameServer_SetHeartbeatInterval
SteamAPI_ISteamGameServer_SetKeyValue
SteamAPI_ISteamGameServer_SetMapName
SteamAPI_ISteamGameServer_SetMaxPlayerCount
SteamAPI_ISteamGameServer_SetModDir
SteamAPI_ISteamGameServer_SetPasswordProtected
SteamAPI_ISteamGameServer_SetProduct
SteamAPI_ISteamGameServer_SetRegion
SteamAPI_ISteamGameServer_SetServerName
SteamAPI_ISteamGameServer_SetSpectatorPort
SteamAPI_ISteamGameServer_SetSpectatorServerName
SteamAPI_ISteamGameServer_UserHasLicenseForApp
SteamAPI_ISteamGameServer_WasRestartRequested
SteamAPI_ISteamHTMLSurface_AddHeader
SteamAPI_ISteamHTMLSurface_AllowStartRequest
SteamAPI_ISteamHTMLSurface_CopyToClipboard
SteamAPI_ISteamHTMLSurface_CreateBrowser
SteamAPI_ISteamHTMLSurface_ExecuteJavascript
SteamAPI_ISteamHTMLSurface_FileLoadDialogResponse
SteamAPI_ISteamHTMLSurface_Find
SteamAPI_ISteamHTMLSurface_GetLinkAtPosition
SteamAPI_ISteamHTMLSurface_GoBack
SteamAPI_ISteamHTMLSurface_GoForward
SteamAPI_ISteamHTMLSurface_Init
SteamAPI_ISteamHTMLSurface_JSDialogResponse
SteamAPI_ISteamHTMLSurface_KeyChar
SteamAPI_ISteamHTMLSurface_KeyDown
SteamAPI_ISteamHTMLSurface_KeyUp
SteamAPI_ISteamHTMLSurface_LoadURL
SteamAPI_ISteamHTMLSurface_MouseDoubleClick
SteamAPI_ISteamHTMLSurface_MouseDown
SteamAPI_ISteamHTMLSurface_MouseMove
SteamAPI_ISteamHTMLSurface_MouseUp
SteamAPI_ISteamHTMLSurface_MouseWheel
SteamAPI_ISteamHTMLSurface_OpenDeveloperTools
SteamAPI_ISteamHTMLSurface_PasteFromClipboard
SteamAPI_ISteamHTMLSurface_Reload
SteamAPI_ISteamHTMLSurface_RemoveBrowser
SteamAPI_ISteamHTMLSurface_SetBackgroundMode
SteamAPI_ISteamHTMLSurface_SetCookie
SteamAPI_ISteamHTMLSurface_SetDPIScalingFactor
SteamAPI_ISteamHTMLSurface_SetHorizontalScroll
SteamAPI_ISteamHTMLSurface_SetKeyFocus
SteamAPI_ISteamHTMLSurface_SetPageScaleFactor
SteamAPI_ISteamHTMLSurface_SetSize
SteamAPI_ISteamHTMLSurface_SetVerticalScroll
SteamAPI_ISteamHTMLSurface_Shutdown
SteamAPI_ISteamHTMLSurface_StopFind
SteamAPI_ISteamHTMLSurface_StopLoad
SteamAPI_ISteamHTMLSurface_ViewSource
SteamAPI_ISteamHTTP_CreateCookieContainer
SteamAPI_ISteamHTTP_CreateHTTPRequest
SteamAPI_ISteamHTTP_DeferHTTPRequest
SteamAPI_ISteamHTTP_GetHTTPDownloadProgressPct
SteamAPI_ISteamHTTP_GetHTTPRequestWasTimedOut
SteamAPI_ISteamHTTP_GetHTTPResponseBodyData
SteamAPI_ISteamHTTP_GetHTTPResponseBodySize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderSize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderValue
SteamAPI_ISteamHTTP_GetHTTPStreamingResponseBodyData
SteamAPI_ISteamHTTP_PrioritizeHTTPRequest
SteamAPI_ISteamHTTP_ReleaseCookieContainer
SteamAPI_ISteamHTTP_ReleaseHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequestAndStreamResponse
SteamAPI_ISteamHTTP_SetCookie
SteamAPI_ISteamHTTP_SetHTTPRequestAbsoluteTimeoutMS
SteamAPI_ISteamHTTP_SetHTTPRequestContextValue
SteamAPI_ISteamHTTP_SetHTTPRequestCookieContainer
SteamAPI_ISteamHTTP_SetHTTPRequestGetOrPostParameter
SteamAPI_ISteamHTTP_SetHTTPRequestHeaderValue
SteamAPI_ISteamHTTP_SetHTTPRequestNetworkActivityTimeout
SteamAPI_ISteamHTTP_SetHTTPRequestRawPostBody
SteamAPI_ISteamHTTP_SetHTTPRequestRequiresVerifiedCertificate
SteamAPI_ISteamHTTP_SetHTTPRequestUserAgentInfo
SteamAPI_ISteamInput_ActivateActionSet
SteamAPI_ISteamInput_ActivateActionSetLayer
SteamAPI_ISteamInput_DeactivateActionSetLayer
SteamAPI_ISteamInput_DeactivateAllActionSetLayers
SteamAPI_ISteamInput_GetActionOriginFromXboxOrigin
SteamAPI_ISteamInput_GetActionSetHandle
SteamAPI_ISteamInput_GetActiveActionSetLayers
SteamAPI_ISteamInput_GetAnalogActionData
SteamAPI_ISteamInput_GetAnalogActionHandle
SteamAPI_ISteamInput_GetAnalogActionOrigins
SteamAPI_ISteamInput_GetConnectedControllers
SteamAPI_ISteamInput_GetControllerForGamepadIndex
SteamAPI_ISteamInput_GetCurrentActionSet
SteamAPI_ISteamInput_GetDeviceBindingRevision
SteamAPI_ISteamInput_GetDigitalActionData
SteamAPI_ISteamInput_GetDigitalActionHandle
SteamAPI_ISteamInput_GetDigitalActionOrigins
SteamAPI_ISteamInput_GetGamepadIndexForController
SteamAPI_ISteamInput_GetGlyphForActionOrigin
SteamAPI_ISteamInput_GetGlyphForXboxOrigin
SteamAPI_ISteamInput_GetInputTypeForHandle
SteamAPI_ISteamInput_GetMotionData
SteamAPI_ISteamInput_GetRemotePlaySessionID
SteamAPI_ISteamInput_GetStringForActionOrigin
SteamAPI_ISteamInput_GetStringForXboxOrigin
SteamAPI_ISteamInput_Init
SteamAPI_ISteamInput_RunFrame
SteamAPI_ISteamInput_SetLEDColor
SteamAPI_ISteamInput_ShowBindingPanel
SteamAPI_ISteamInput_Shutdown
SteamAPI_ISteamInput_StopAnalogActionMomentum
SteamAPI_ISteamInput_TranslateActionOrigin
SteamAPI_ISteamInput_TriggerHapticPulse
SteamAPI_ISteamInput_TriggerRepeatedHapticPulse
SteamAPI_ISteamInput_TriggerVibration
SteamAPI_ISteamInventory_AddPromoItem
SteamAPI_ISteamInventory_AddPromoItems
SteamAPI_ISteamInventory_CheckResultSteamID
SteamAPI_ISteamInventory_ConsumeItem
SteamAPI_ISteamInventory_DeserializeResult
SteamAPI_ISteamInventory_DestroyResult
SteamAPI_ISteamInventory_ExchangeItems
SteamAPI_ISteamInventory_GenerateItems
SteamAPI_ISteamInventory_GetAllItems
SteamAPI_ISteamInventory_GetEligiblePromoItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionProperty
SteamAPI_ISteamInventory_GetItemPrice
SteamAPI_ISteamInventory_GetItemsByID
SteamAPI_ISteamInventory_GetItemsWithPrices
SteamAPI_ISteamInventory_GetNumItemsWithPrices
SteamAPI_ISteamInventory_GetResultItemProperty
SteamAPI_ISteamInventory_GetResultItems
SteamAPI_ISteamInventory_GetResultStatus
SteamAPI_ISteamInventory_GetResultTimestamp
SteamAPI_ISteamInventory_GrantPromoItems
SteamAPI_ISteamInventory_InspectItem
SteamAPI_ISteamInventory_LoadItemDefinitions
SteamAPI_ISteamInventory_RemoveProperty
SteamAPI_ISteamInventory_RequestEligiblePromoItemDefinitionsIDs
SteamAPI_ISteamInventory_RequestPrices
SteamAPI_ISteamInventory_SendItemDropHeartbeat
SteamAPI_ISteamInventory_SerializeResult
SteamAPI_ISteamInventory_SetPropertyBool
SteamAPI_ISteamInventory_SetPropertyFloat
SteamAPI_ISteamInventory_SetPropertyInt64
SteamAPI_ISteamInventory_SetPropertyString
SteamAPI_ISteamInventory_StartPurchase
SteamAPI_ISteamInventory_StartUpdateProperties
SteamAPI_ISteamInventory_SubmitUpdateProperties
SteamAPI_ISteamInventory_TradeItems
SteamAPI_ISteamInventory_TransferItemQuantity
SteamAPI_ISteamInventory_TriggerItemDrop
SteamAPI_ISteamMatchmakingPingResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingPingResponse_ServerResponded
SteamAPI_ISteamMatchmakingPlayersResponse_AddPlayerToList
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersFailedToRespond
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesFailedToRespond
SteamAPI_ISteamMatchmakingRulesResponse_RulesRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesResponded
SteamAPI_ISteamMatchmakingServerListResponse_RefreshComplete
SteamAPI_ISteamMatchmakingServerListResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingServerListResponse_ServerResponded
SteamAPI_ISteamMatchmakingServers_CancelQuery
SteamAPI_ISteamMatchmakingServers_CancelServerQuery
SteamAPI_ISteamMatchmakingServers_GetServerCount
SteamAPI_ISteamMatchmakingServers_GetServerDetails
SteamAPI_ISteamMatchmakingServers_IsRefreshing
SteamAPI_ISteamMatchmakingServers_PingServer
SteamAPI_ISteamMatchmakingServers_PlayerDetails
SteamAPI_ISteamMatchmakingServers_RefreshQuery
SteamAPI_ISteamMatchmakingServers_RefreshServer
SteamAPI_ISteamMatchmakingServers_ReleaseRequest
SteamAPI_ISteamMatchmakingServers_RequestFavoritesServerList
SteamAPI_ISteamMatchmakingServers_RequestFriendsServerList
SteamAPI_ISteamMatchmakingServers_RequestHistoryServerList
SteamAPI_ISteamMatchmakingServers_RequestInternetServerList
SteamAPI_ISteamMatchmakingServers_RequestLANServerList
SteamAPI_ISteamMatchmakingServers_RequestSpectatorServerList
SteamAPI_ISteamMatchmakingServers_ServerRules
SteamAPI_ISteamMatchmaking_AddFavoriteGame
SteamAPI_ISteamMatchmaking_AddRequestLobbyListCompatibleMembersFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListDistanceFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListFilterSlotsAvailable
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNearValueFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNumericalFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListResultCountFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListStringFilter
SteamAPI_ISteamMatchmaking_CreateLobby
SteamAPI_ISteamMatchmaking_DeleteLobbyData
SteamAPI_ISteamMatchmaking_GetFavoriteGame
SteamAPI_ISteamMatchmaking_GetFavoriteGameCount
SteamAPI_ISteamMatchmaking_GetLobbyByIndex
SteamAPI_ISteamMatchmaking_GetLobbyChatEntry
SteamAPI_ISteamMatchmaking_GetLobbyData
SteamAPI_ISteamMatchmaking_GetLobbyDataByIndex
SteamAPI_ISteamMatchmaking_GetLobbyDataCount
SteamAPI_ISteamMatchmaking_GetLobbyGameServer
SteamAPI_ISteamMatchmaking_GetLobbyMemberByIndex
SteamAPI_ISteamMatchmaking_GetLobbyMemberData
SteamAPI_ISteamMatchmaking_GetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_GetLobbyOwner
SteamAPI_ISteamMatchmaking_GetNumLobbyMembers
SteamAPI_ISteamMatchmaking_InviteUserToLobby
SteamAPI_ISteamMatchmaking_JoinLobby
SteamAPI_ISteamMatchmaking_LeaveLobby
SteamAPI_ISteamMatchmaking_RemoveFavoriteGame
SteamAPI_ISteamMatchmaking_RequestLobbyData
SteamAPI_ISteamMatchmaking_RequestLobbyList
SteamAPI_ISteamMatchmaking_SendLobbyChatMsg
SteamAPI_ISteamMatchmaking_SetLinkedLobby
SteamAPI_ISteamMatchmaking_SetLobbyData
SteamAPI_ISteamMatchmaking_SetLobbyGameServer
SteamAPI_ISteamMatchmaking_SetLobbyJoinable
SteamAPI_ISteamMatchmaking_SetLobbyMemberData
SteamAPI_ISteamMatchmaking_SetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_SetLobbyOwner
SteamAPI_ISteamMatchmaking_SetLobbyType
SteamAPI_ISteamMusicRemote_BActivationSuccess
SteamAPI_ISteamMusicRemote_BIsCurrentMusicRemote
SteamAPI_ISteamMusicRemote_CurrentEntryDidChange
SteamAPI_ISteamMusicRemote_CurrentEntryIsAvailable
SteamAPI_ISteamMusicRemote_CurrentEntryWillChange
SteamAPI_ISteamMusicRemote_DeregisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_EnableLooped
SteamAPI_ISteamMusicRemote_EnablePlayNext
SteamAPI_ISteamMusicRemote_EnablePlayPrevious
SteamAPI_ISteamMusicRemote_EnablePlaylists
SteamAPI_ISteamMusicRemote_EnableQueue
SteamAPI_ISteamMusicRemote_EnableShuffled
SteamAPI_ISteamMusicRemote_PlaylistDidChange
SteamAPI_ISteamMusicRemote_PlaylistWillChange
SteamAPI_ISteamMusicRemote_QueueDidChange
SteamAPI_ISteamMusicRemote_QueueWillChange
SteamAPI_ISteamMusicRemote_RegisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_ResetPlaylistEntries
SteamAPI_ISteamMusicRemote_ResetQueueEntries
SteamAPI_ISteamMusicRemote_SetCurrentPlaylistEntry
SteamAPI_ISteamMusicRemote_SetCurrentQueueEntry
SteamAPI_ISteamMusicRemote_SetDisplayName
SteamAPI_ISteamMusicRemote_SetPNGIcon_64x64
SteamAPI_ISteamMusicRemote_SetPlaylistEntry
SteamAPI_ISteamMusicRemote_SetQueueEntry
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryCoverArt
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryElapsedSeconds
SteamAPI_ISteamMusicRemote_UpdateCurrentEntryText
SteamAPI_ISteamMusicRemote_UpdateLooped
SteamAPI_ISteamMusicRemote_UpdatePlaybackStatus
SteamAPI_ISteamMusicRemote_UpdateShuffled
SteamAPI_ISteamMusicRemote_UpdateVolume
SteamAPI_ISteamMusic_BIsEnabled
SteamAPI_ISteamMusic_BIsPlaying
SteamAPI_ISteamMusic_GetPlaybackStatus
SteamAPI_ISteamMusic_GetVolume
SteamAPI_ISteamMusic_Pause
SteamAPI_ISteamMusic_Play
SteamAPI_ISteamMusic_PlayNext
SteamAPI_ISteamMusic_PlayPrevious
SteamAPI_ISteamMusic_SetVolume
SteamAPI_ISteamNetworkingMessages_AcceptSessionWithUser
SteamAPI_ISteamNetworkingMessages_CloseChannelWithUser
SteamAPI_ISteamNetworkingMessages_CloseSessionWithUser
SteamAPI_ISteamNetworkingMessages_GetSessionConnectionInfo
SteamAPI_ISteamNetworkingMessages_ReceiveMessagesOnChannel
SteamAPI_ISteamNetworkingMessages_SendMessageToUser

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GangFixOnly/OnlineFix.ini
GangFixOnly/OnlineFix.url
GangFixOnly/OnlineFix64.dll
.dll windows x64

4a3dec248fc3d9b95d52f3733f93bec8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

shell32

SHGetSpecialFolderPathA

ws2_32

ioctlsocket

wldap32

ord27

advapi32

RegisterEventSourceW

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
OnlineFix
ShellExecuteA
ShellExecuteW
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write
hid_write_output_report

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.of0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.of1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GangFixOnly/SteamOverlay64.dll
.dll windows x64

84c05da171a1008428be3b3075bdedd7

Code Sign

d5:4f:27:86:74:e8:2f:65:b0:ba:31:5a:3c:bc:24:7a:3d:f1:a5
Certificate

Issuer

CN=Ascertia Public CA 1,O=Ascertia,C=GB

Not Before

16/09/2019, 13:49

Not After

16/10/2019, 13:49

Subject

CN=OnlineFix,OU=OnlineFix,O=OnlineFix,L=OnlineFix,ST=OnlineFix,C=UK,1.2.840.113549.1.9.1=#0c146f6e6c696e65666978406f6e6c696e652e666978

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e6
Certificate

Issuer

CN=Ascertia Root CA 2,O=Ascertia,C=GB

Not Before

21/04/2009, 12:15

Not After

14/04/2028, 23:59

Subject

CN=Ascertia Public CA 1,O=Ascertia,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:74:03:ba:53:0a:71:14:de:20:59:8f:3e:b9:ca:b5:1d:b1:58:60:8b:7c:62:b0:b5:c6:e2:31:a0:ed:ad:2f
Signer

Actual PE Digest

e1:74:03:ba:53:0a:71:14:de:20:59:8f:3e:b9:ca:b5:1d:b1:58:60:8b:7c:62:b0:b5:c6:e2:31:a0:ed:ad:2f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
LoadLibraryA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

OnlineFix

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GangFixOnly/dlllist.txt
GangFixOnly/winmm.dll
.dll windows x64

d35c16c95a55a75561ea1d764e139684

Code Sign

3f:3e:1f:61:f6:ef:5c:6c:cd:4a:23:d6:9a:ca:97:3d:ce:16:2c:51
Certificate

Issuer

CN=Ascertia Public CA 1,O=Ascertia,C=GB

Not Before

16/02/2021, 23:11

Not After

16/03/2021, 23:11

Subject

CN=OnlineFix,OU=OnlineFix,O=OnlineFix,L=OnlineFix,ST=OnlineFix,C=CA,1.2.840.113549.1.9.1=#0c166f6e6c696e65666978406f6e6c696e656669782e6d65

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e6
Certificate

Issuer

CN=Ascertia Root CA 2,O=Ascertia,C=GB

Not Before

21/04/2009, 12:15

Not After

14/04/2028, 23:59

Subject

CN=Ascertia Public CA 1,O=Ascertia,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:25:bc:4a:5e:45:b3:90:07:31:d1:83:bd:88:ae:5f:dd:02:c3:ca:a5:78:f0:3e:be:49:f5:a7:10:c5:ec:52
Signer

Actual PE Digest

71:25:bc:4a:5e:45:b3:90:07:31:d1:83:bd:88:ae:5f:dd:02:c3:ca:a5:78:f0:3e:be:49:f5:a7:10:c5:ec:52

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetSystemDirectoryW
GetLastError
LoadLibraryW
GetProcAddress
ExitProcess
SetEndOfFile
WriteConsoleW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
CloseHandle
GetFileSizeEx
SetFilePointerEx
GetStdHandle
GetFileType
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
ReadConsoleW
CreateFileW
HeapSize
RtlUnwind

user32

MessageBoxW

Exports

Exports

CloseDriver
DefDriverProc
DriverCallback
DrvGetModuleHandle
GetDriverModuleHandle
NotifyCallbackData
OnlineFix
OpenDriver
PlaySound
PlaySoundA
PlaySoundW
SendDriverMessage
WOW32DriverCallback
WOW32ResolveMultiMediaHandle
WOWAppExit
aux32Message
auxGetDevCapsA
auxGetDevCapsW
auxGetNumDevs
auxGetVolume
auxOutMessage
auxSetVolume
joy32Message
joyConfigChanged
joyGetDevCapsA
joyGetDevCapsW
joyGetNumDevs
joyGetPos
joyGetPosEx
joyGetThreshold
joyReleaseCapture
joySetCapture
joySetThreshold
mci32Message
mciDriverNotify
mciDriverYield
mciExecute
mciFreeCommandResource
mciGetCreatorTask
mciGetDeviceIDA
mciGetDeviceIDFromElementIDA
mciGetDeviceIDFromElementIDW
mciGetDeviceIDW
mciGetDriverData
mciGetErrorStringA
mciGetErrorStringW
mciGetYieldProc
mciLoadCommandResource
mciSendCommandA
mciSendCommandW
mciSendStringA
mciSendStringW
mciSetDriverData
mciSetYieldProc
mid32Message
midiConnect
midiDisconnect
midiInAddBuffer
midiInClose
midiInGetDevCapsA
midiInGetDevCapsW
midiInGetErrorTextA
midiInGetErrorTextW
midiInGetID
midiInGetNumDevs
midiInMessage
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInStop
midiInUnprepareHeader
midiOutCacheDrumPatches
midiOutCachePatches
midiOutClose
midiOutGetDevCapsA
midiOutGetDevCapsW
midiOutGetErrorTextA
midiOutGetErrorTextW
midiOutGetID
midiOutGetNumDevs
midiOutGetVolume
midiOutLongMsg
midiOutMessage
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutSetVolume
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
midiStreamOpen
midiStreamOut
midiStreamPause
midiStreamPosition
midiStreamProperty
midiStreamRestart
midiStreamStop
mixerClose
mixerGetControlDetailsA
mixerGetControlDetailsW
mixerGetDevCapsA
mixerGetDevCapsW
mixerGetID
mixerGetLineControlsA
mixerGetLineControlsW
mixerGetLineInfoA
mixerGetLineInfoW
mixerGetNumDevs
mixerMessage
mixerOpen
mixerSetControlDetails
mmDrvInstall
mmGetCurrentTask
mmTaskBlock
mmTaskCreate
mmTaskSignal
mmTaskYield
mmioAdvance
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioFlush
mmioGetInfo
mmioInstallIOProcA
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRead
mmioRenameA
mmioRenameW
mmioSeek
mmioSendMessage
mmioSetBuffer
mmioSetInfo
mmioStringToFOURCCA
mmioStringToFOURCCW
mmioWrite
mmsystemGetVersion
mod32Message
mxd32Message
sndPlaySoundA
sndPlaySoundW
tid32Message
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetSystemTime
timeGetTime
timeKillEvent
timeSetEvent
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
waveInGetErrorTextW
waveInGetID
waveInGetNumDevs
waveInGetPosition
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInStop
waveInUnprepareHeader
waveOutBreakLoop
waveOutClose
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutGetErrorTextA
waveOutGetErrorTextW
waveOutGetID
waveOutGetNumDevs
waveOutGetPitch
waveOutGetPlaybackRate
waveOutGetPosition
waveOutGetVolume
waveOutMessage
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetPitch
waveOutSetPlaybackRate
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite
wid32Message
wod32Message

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

289b2254a2c1e14995dd9995d1686fdb

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

11:bb:a5:eb:15:cd:a4:5a:5c:45:46:ac:72:dc:6d:83:3c:46:36:3eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 103KB - Virtual size: 102KB

.data Size: 4KB - Virtual size: 11KB

.pdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

4a3dec248fc3d9b95d52f3733f93bec8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ws2_32

wldap32

advapi32

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: - Virtual size: 512KB

.data Size: - Virtual size: 306KB

.pdata Size: - Virtual size: 76KB

_RDATA Size: - Virtual size: 244B

.of0 Size: - Virtual size: 1.6MB

.of1 Size: 4.3MB - Virtual size: 4.3MB

.reloc Size: 512B - Virtual size: 220B

.rsrc Size: 1024B - Virtual size: 652B

84c05da171a1008428be3b3075bdedd7

Code Sign

d5:4f:27:86:74:e8:2f:65:b0:ba:31:5a:3c:bc:24:7a:3d:f1:a5Certificate

Extended Key Usages

Key Usages

e6Certificate

Key Usages

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

e1:74:03:ba:53:0a:71:14:de:20:59:8f:3e:b9:ca:b5:1d:b1:58:60:8b:7c:62:b0:b5:c6:e2:31:a0:ed:ad:2fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

11:bb:a5:eb:15:cd:a4:5a:5c:45:46:ac:72:dc:6d:83:3c:46:36:3e
Signer

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 103KB - Virtual size: 102KB

.data
Size: 4KB - Virtual size: 11KB

.pdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 1.6MB

.rdata
Size: - Virtual size: 512KB

.data
Size: - Virtual size: 306KB

.pdata
Size: - Virtual size: 76KB

_RDATA
Size: - Virtual size: 244B

.of0
Size: - Virtual size: 1.6MB

.of1
Size: 4.3MB - Virtual size: 4.3MB

.reloc
Size: 512B - Virtual size: 220B

.rsrc
Size: 1024B - Virtual size: 652B

d5:4f:27:86:74:e8:2f:65:b0:ba:31:5a:3c:bc:24:7a:3d:f1:a5
Certificate

e6
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

e1:74:03:ba:53:0a:71:14:de:20:59:8f:3e:b9:ca:b5:1d:b1:58:60:8b:7c:62:b0:b5:c6:e2:31:a0:ed:ad:2f
Signer

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 3KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 1024B - Virtual size: 656B

.reloc
Size: 2KB - Virtual size: 1KB

3f:3e:1f:61:f6:ef:5c:6c:cd:4a:23:d6:9a:ca:97:3d:ce:16:2c:51
Certificate

e6
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

71:25:bc:4a:5e:45:b3:90:07:31:d1:83:bd:88:ae:5f:dd:02:c3:ca:a5:78:f0:3e:be:49:f5:a7:10:c5:ec:52
Signer

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 81KB - Virtual size: 81KB

.data
Size: 5KB - Virtual size: 11KB

.pdata
Size: 10KB - Virtual size: 10KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 1024B - Virtual size: 632B

.reloc
Size: 3KB - Virtual size: 2KB