3f2927e8348205748990a608f87fdf5d

Sharing

Copy URL Twitter E-mail

General

Target

3f2927e8348205748990a608f87fdf5d
Size

218KB
MD5

3f2927e8348205748990a608f87fdf5d
SHA1

220bc66676a83239a686498b0ce6cc71524f9610
SHA256

db92de9946c16e3edf6915bb92a47c3314331a6b27706e86a3073e434e8aac9e
SHA512

7f851f948b3e527ca0fe0fcd5370bbe15600737bfb47b37448cde2b1a38199aa3ddeba53dbf99141e373091728bb858b19e8a886b4f6b367812f4e249f80d8e8
SSDEEP

6144:4rbLFsBZEsggHwJvwVlN5pg1WGV3w1XECvW0z:4HR4Zw2lN5KsGh6Nz

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/steamid_tool/bin/kernel16.dll
unpack001/steamid_tool/bin/steam.dll
unpack001/steamid_tool/steamid_tool.exe

Files

3f2927e8348205748990a608f87fdf5d
.rar
steamid_tool/bin/kernel16.dll
.dll windows:5 windows x86 arch:x86

cd1d39461133455b73fe9e23dbe5e358

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

GetVolumeInformationA
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
DisableThreadLibraryCalls
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
ActivateActCtx
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddIntegrityLabelToBoundaryDescriptor
AddLocalAlternateComputerNameA
AddLocalAlternateComputerNameW
AddRefActCtx
AddSIDToBoundaryDescriptor
AddSecureMemoryCacheCallback
AddVectoredContinueHandler
AddVectoredExceptionHandler
AdjustCalendarDate
AllocConsole
AllocateUserPhysicalPages
AllocateUserPhysicalPagesNuma
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
BackupRead
BackupSeek
BackupWrite
BaseCheckAppcompatCache
BaseCheckAppcompatCacheEx
BaseCheckRunApp
BaseCleanupAppcompatCacheSupport
BaseDllReadWriteIniFile
BaseDumpAppcompatCache
BaseFlushAppcompatCache
BaseFormatObjectAttributes
BaseFormatTimeOut
BaseGenerateAppCompatData
BaseGetNamedObjectDirectory
BaseInitAppcompatCacheSupport
BaseIsAppcompatInfrastructureDisabled
BaseQueryModuleData
BaseSetLastNTError
BaseThreadInitThunk
BaseUpdateAppcompatCache
BaseVerifyUnicodeString
Basep8BitStringToDynamicUnicodeString
BasepAllocateActivationContextActivationBlock
BasepAnsiStringToDynamicUnicodeString
BasepCheckAppCompat
BasepCheckBadapp
BasepCheckWinSaferRestrictions
BasepFreeActivationContextActivationBlock
BasepFreeAppCompatData
BasepMapModuleHandle
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BindIoCompletionCallback
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallNamedPipeA
CallNamedPipeW
CallbackMayRunLong
CancelDeviceWakeupRequest
CancelIo
CancelIoEx
CancelSynchronousIo
CancelThreadpoolIo
CancelTimerQueueTimer
CancelWaitableTimer
ChangeTimerQueueTimer
CheckElevation
CheckElevationEnabled
CheckForReadOnlyResource
CheckNameLegalDOS8Dot3A
CheckNameLegalDOS8Dot3W
CheckRemoteDebuggerPresent
ClearCommBreak
ClearCommError
CloseConsoleHandle
CloseHandle
ClosePrivateNamespace
CloseProfileUserMapping
CloseThreadpool
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolIo
CloseThreadpoolTimer
CloseThreadpoolWait
CloseThreadpoolWork
CmdBatNotification
CommConfigDialogA
CommConfigDialogW
CompareCalendarDates
CompareFileTime
CompareStringA
CompareStringEx
CompareStringOrdinal
CompareStringW
ConnectNamedPipe
ConsoleMenuControl
ContinueDebugEvent
ConvertCalDateTimeToSystemTime
ConvertDefaultLocale
ConvertFiberToThread
ConvertNLSDayOfWeekToWin32DayOfWeek
ConvertSystemTimeToCalDateTime
ConvertThreadToFiber
ConvertThreadToFiberEx
CopyExtendedContext
CopyFileA
CopyFileExA
CopyFileExW
CopyFileTransactedA
CopyFileTransactedW
CopyFileW
CopyLZFile
CreateActCtxA
CreateActCtxW
CreateBoundaryDescriptorA
CreateBoundaryDescriptorW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryTransactedA
CreateDirectoryTransactedW
CreateDirectoryW
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateFiber
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileMappingNumaA
CreateFileMappingNumaW
CreateFileMappingW
CreateFileTransactedA
CreateFileTransactedW
CreateFileW
CreateHardLinkA
CreateHardLinkTransactedA
CreateHardLinkTransactedW
CreateHardLinkW
CreateIoCompletionPort
CreateJobObjectA
CreateJobObjectW
CreateJobSet
CreateMailslotA
CreateMailslotW
CreateMemoryResourceNotification
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreatePipe
CreatePrivateNamespaceA
CreatePrivateNamespaceW
CreateProcessA
CreateProcessAsUserW
CreateProcessInternalA
CreateProcessInternalW
CreateProcessW
CreateRemoteThread
CreateRemoteThreadEx
CreateSemaphoreA
CreateSemaphoreExA
CreateSemaphoreExW
CreateSemaphoreW
CreateSocketHandle
CreateSymbolicLinkA
CreateSymbolicLinkTransactedA
CreateSymbolicLinkTransactedW
CreateSymbolicLinkW
CreateTapePartition
CreateThread
CreateThreadpool
CreateThreadpoolCleanupGroup
CreateThreadpoolIo
CreateThreadpoolTimer
CreateThreadpoolWait
CreateThreadpoolWork
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CreateWaitableTimerA
CreateWaitableTimerExA
CreateWaitableTimerExW
CreateWaitableTimerW
CtrlRoutine
DeactivateActCtx
DebugActiveProcess
DebugActiveProcessStop
DebugBreak
DebugBreakProcess
DebugSetProcessKillOnExit
DecodePointer
DecodeSystemPointer
DefineDosDeviceA
DefineDosDeviceW
DelayLoadFailureHook
DeleteAtom
DeleteBoundaryDescriptor
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileTransactedA
DeleteFileTransactedW
DeleteFileW
DeleteProcThreadAttributeList
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DeviceIoControl
DisableThreadLibraryCalls
DisableThreadProfiling
DisassociateCurrentThreadFromCallback
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DosPathToSessionPathA
DosPathToSessionPathW
DuplicateConsoleHandle
DuplicateHandle
EnableThreadProfiling
EncodePointer
EncodeSystemPointer
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExEx
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExEx
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesExA
EnumResourceLanguagesExW
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesExA
EnumResourceNamesExW
EnumResourceNamesW
EnumResourceTypesA
EnumResourceTypesExA
EnumResourceTypesExW
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemFirmwareTables
EnumSystemGeoID
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesEx
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsEx
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EnumerateLocalComputerNamesA
EnumerateLocalComputerNamesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionStringA
FindActCtxSectionStringW
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileNameTransactedW
FindFirstFileNameW
FindFirstFileTransactedA
FindFirstFileTransactedW
FindFirstFileW
FindFirstStreamTransactedW
FindFirstStreamW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNLSString
FindNLSStringEx
FindNextChangeNotification
FindNextFileA
FindNextFileNameW
FindNextFileW
FindNextStreamW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindStringOrdinal
FindVolumeClose
FindVolumeMountPointClose
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushProcessWriteBuffers
FlushViewOfFile
FoldStringA
FoldStringW
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
FreeResource
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetACP
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetApplicationRecoveryCallback
GetApplicationRestartSettings
GetAtomNameA
GetAtomNameW
GetBinaryType
GetBinaryTypeA
GetBinaryTypeW
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCalendarDateFormat
GetCalendarDateFormatEx
GetCalendarDaysInMonth
GetCalendarDifferenceInDays
GetCalendarInfoA
GetCalendarInfoEx
GetCalendarInfoW
GetCalendarMonthsInYear
GetCalendarSupportedDateRange
GetCalendarWeekNumber
GetComPlusPackageInstallStatus
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeTransactedA
GetCompressedFileSizeTransactedW
GetCompressedFileSizeW
GetComputerNameA
GetComputerNameExA
GetComputerNameExW
GetComputerNameW
GetConsoleAliasA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleAliasExesLengthW
GetConsoleAliasExesW
GetConsoleAliasW
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesLengthW
GetConsoleAliasesW
GetConsoleCP
GetConsoleCharType
GetConsoleCommandHistoryA
GetConsoleCommandHistoryLengthA
GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryW
GetConsoleCursorInfo
GetConsoleCursorMode
GetConsoleDisplayMode
GetConsoleFontInfo
GetConsoleFontSize
GetConsoleHardwareState
GetConsoleHistoryInfo
GetConsoleInputExeNameA
GetConsoleInputExeNameW
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameA
GetConsoleKeyboardLayoutNameW
GetConsoleMode
GetConsoleNlsMode
GetConsoleOriginalTitleA
GetConsoleOriginalTitleW
GetConsoleOutputCP
GetConsoleProcessList
GetConsoleScreenBufferInfo
GetConsoleScreenBufferInfoEx
GetConsoleSelectionInfo
GetConsoleTitleA
GetConsoleTitleW
GetConsoleWindow
GetCurrencyFormatA
GetCurrencyFormatEx
GetCurrencyFormatW
GetCurrentActCtx
GetCurrentConsoleFont
GetCurrentConsoleFontEx
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentProcessorNumberEx
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDateFormatEx
GetDateFormatW
GetDefaultCommConfigA
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDllDirectoryA
GetDllDirectoryW
GetDriveTypeA
GetDriveTypeW
GetDurationFormat
GetDurationFormatEx
GetDynamicTimeZoneInformation
GetEnabledExtendedFeatures
GetEnvironmentStrings
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetEraNameCountedString
GetErrorMode
GetExitCodeProcess
GetExitCodeThread
GetExpandedNameA
GetExpandedNameW
GetExtendedContextLength
GetExtendedFeaturesMask
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesTransactedA
GetFileAttributesTransactedW
GetFileAttributesW
GetFileBandwidthReservation
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileMUIInfo
GetFileMUIPath
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
steamid_tool/bin/steam.dll
.dll windows:4 windows x86 arch:x86

43dd486d0387256774889079d23c8ebd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA

kernel16

SetStdHandle
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
ExitProcess
GetCurrentProcessId
DisableThreadLibraryCalls
GetEnvironmentStrings
CreateProcessA
SetLastError
GetVolumeInformationA
VirtualProtect
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStdHandle
WriteConsoleA
GetCurrentDirectoryA
GetModuleFileNameA
GetFullPathNameA
CreateDirectoryA
GetSystemInfo
FindFirstFileA
FindClose
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
MultiByteToWideChar
GetSystemTimeAsFileTime
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindNextFileA
HeapFree
HeapAlloc
GetCurrentThreadId
GetVersionExA
SetEndOfFile
RaiseException
RtlUnwind
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
SetEnvironmentVariableA
WideCharToMultiByte
SetEnvironmentVariableW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
LoadLibraryA
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CompareStringA

shell32

ShellExecuteA

Exports

Exports

CreateInterface
InternalSteamNumClientsConnectedToEngine
InternalSteamShouldShutdownEngine2
SteamAbortCall
SteamAbortOngoingUserIDTicketValidation
SteamAckSubscriptionReceipt
SteamBlockingCall
SteamChangeAccountName
SteamChangeEmailAddress
SteamChangeForgottenPassword
SteamChangeOfflineStatus
SteamChangePassword
SteamChangePersonalQA
SteamCheckAppOwnership
SteamCleanup
SteamClearError
SteamCloseFile
SteamCreateAccount
SteamCreateCachePreloaders
SteamCreateLogContext
SteamDecryptDataForThisMachine
SteamDeleteAccount
SteamEmu_GetGcfList
SteamEmu_GetLocalGcfCopy
SteamEmu_GetProperty
SteamEmu_GetWholeGcfCopy
SteamEncryptDataForThisMachine
SteamEnumerateApp
SteamEnumerateAppDependency
SteamEnumerateAppIcon
SteamEnumerateAppLaunchOption
SteamEnumerateAppVersion
SteamEnumerateSubscription
SteamEnumerateSubscriptionDiscount
SteamEnumerateSubscriptionDiscountQualifier
SteamFindApp
SteamFindClose
SteamFindFirst
SteamFindNext
SteamFindServersGetErrorString
SteamFindServersIterateServer
SteamFindServersNumServers
SteamFlushCache
SteamFlushFile
SteamForgetAllHints
SteamGenerateSuggestedAccountNames
SteamGetAccountStatus
SteamGetAppCacheSize
SteamGetAppDependencies
SteamGetAppDir
SteamGetAppIds
SteamGetAppPurchaseCountry
SteamGetAppStats
SteamGetAppUpdateStats
SteamGetAppUserDefinedInfo
SteamGetAppUserDefinedRecord
SteamGetCacheDecryptionKey
SteamGetCacheDefaultDirectory
SteamGetCacheFilePath
SteamGetContentServerInfo
SteamGetCurrentEmailAddress
SteamGetEncryptedNewValveCDKey
SteamGetEncryptedUserIDTicket
SteamGetEncryptionKeyToSendToNewClient
SteamGetLocalClientVersion
SteamGetLocalFileCopy
SteamGetNumAccountsWithEmailAddress
SteamGetOfflineStatus
SteamGetSponsorUrl
SteamGetSubscriptionExtendedInfo
SteamGetSubscriptionIds
SteamGetSubscriptionPurchaseCountry
SteamGetSubscriptionReceipt
SteamGetSubscriptionStats
SteamGetTotalUpdateStats
SteamGetUser
SteamGetUserType
SteamGetVersion
SteamGetc
SteamHintResourceNeed
SteamInitializeUserIDTicketValidator
SteamInsertAppDependency
SteamIsAccountNameInUse
SteamIsAppSubscribed
SteamIsCacheLoadingEnabled
SteamIsFileImmediatelyAvailable
SteamIsFileNeededByCache
SteamIsLoggedIn
SteamIsSecureComputer
SteamIsSubscribed
SteamLaunchApp
SteamLoadCacheFromDir
SteamLoadFileToCache
SteamLog
SteamLogResourceLoadFinished
SteamLogResourceLoadStarted
SteamLogin
SteamLogout
SteamMountAppFilesystem
SteamMountFilesystem
SteamMoveApp
SteamNumAppsRunning
SteamOpenFile
SteamOpenFileEx
SteamOpenTmpFile
SteamOptionalCleanUpAfterClientHasDisconnected
SteamPauseCachePreloading
SteamPrintFile
SteamProcessCall
SteamProcessOngoingUserIDTicketValidation
SteamPutc
SteamReadFile
SteamRefreshAccountInfo
SteamRefreshAccountInfoEx
SteamRefreshLogin
SteamRefreshMinimumFootprintFiles
SteamRemoveAppDependency
SteamRepairOrDecryptCaches
SteamRequestAccountsByCdKeyEmail
SteamRequestAccountsByEmailAddressEmail
SteamRequestEmailAddressVerificationEmail
SteamRequestForgottenPasswordEmail
SteamResumeCachePreloading
SteamSeekFile
SteamSetAppCacheSize
SteamSetAppVersion
SteamSetCacheDefaultDirectory
SteamSetMaxStallCount
SteamSetNotificationCallback
SteamSetUser
SteamSetvBuf
SteamShutdownEngine
SteamShutdownUserIDTicketValidator
SteamSizeFile
SteamStartEngine
SteamStartLoadingCache
SteamStartValidatingNewValveCDKey
SteamStartValidatingUserIDTicket
SteamStartup
SteamStat
SteamStopLoadingCache
SteamSubscribe
SteamTellFile
SteamUninstall
SteamUnmountAppFilesystem
SteamUnmountFilesystem
SteamUnsubscribe
SteamUpdateAccountBillingInfo
SteamUpdateSubscriptionBillingInfo
SteamVerifyEmailAddress
SteamVerifyPassword
SteamWaitForAppReadyToLaunch
SteamWaitForResources
SteamWasBlobRegistryDeleted
SteamWeakVerifyNewValveCDKey
SteamWriteFile
SteamWriteMiniDumpFromAssert
SteamWriteMiniDumpSetComment
SteamWriteMiniDumpUsingExceptionInfo
SteamWriteMiniDumpUsingExceptionInfoWithBuildId
_f

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
steamid_tool/ids.txt
steamid_tool/steamid_tool.exe
.exe windows:5 windows x86 arch:x86

290674a4a91d48f03696b769a298cb94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadIconA
RegisterClassA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
MessageBoxA
DestroyWindow
PostQuitMessage
DefWindowProcA

kernel32

InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleW
WriteConsoleA
GetVolumeInformationA
GetModuleHandleA
LoadLibraryA
CreateFileW
GetLocaleInfoW
CreateFileA
SetEndOfFile
GetProcessHeap
GetConsoleOutputCP
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCommandLineA
GetStartupInfoA
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
SetLastError
GetCurrentThreadId
WriteFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
ReadFile
SetFilePointer
FlushFileBuffers
HeapAlloc
CloseHandle
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW

gdi32

CreateFontA
DeleteObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

comctl32

InitCommonControlsEx

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Обязательно прочитай.txt

Sharing

General

Malware Config

Signatures

Files

cd1d39461133455b73fe9e23dbe5e358

Headers

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 31KB - Virtual size: 39KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 14KB - Virtual size: 13KB

43dd486d0387256774889079d23c8ebd

Headers

File Characteristics

Imports

user32

advapi32

kernel16

shell32

Exports

Exports

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 16KB - Virtual size: 13KB

290674a4a91d48f03696b769a298cb94

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

advapi32

comctl32

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 31KB - Virtual size: 39KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 16KB - Virtual size: 15KB