240119-fbqxbafaej_pw_infected[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

240119-fbqxbafaej_pw_infected.zip
Size

29.9MB
MD5

82778ac73efc526b04007b3b791569aa
SHA1

051bf6af9e600a59850b7f9bb24ceb8e4c27fccf
SHA256

04875f6b9fea4f9196faf9be560215373085b03d24a4c9a7e33cb280b918f69d
SHA512

47d01e3c84f9fbfe69b7dd7ac688e939781a7ce81895ff94c44584ba9874098488b006464ff02d7769c0ffdfb567f625269d823e0ed891b38c07bb0abbbefb6b
SSDEEP

786432:hzgagAE2TYR+Mu7dtYP6aiUSnIrv3YOW3KkuQ:1pgCTYR+Mgdk6ESnMVOf

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/MSC_Fix_Repair_Steam_Generic/Launcher.exe
unpack002/MSC_Fix_Repair_Steam_Generic/OnlineFix64.dll
unpack002/MSC_Fix_Repair_Steam_Generic/SteamOverlay64.dll
unpack002/MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/0Harmony.dll
unpack002/MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/BeerMP.Preloader.dll
unpack002/MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/BeerMP.dll
unpack002/MSC_Fix_Repair_Steam_Generic/winhttp.dll
unpack002/MSC_Fix_Repair_Steam_Generic/winmm.dll

Files

240119-fbqxbafaej_pw_infected.zip
.zip

Password: infected
MSC_Fix_Repair_Steam_Generic.rar
.rar

Password: infected
MSC_Fix_Repair_Steam_Generic/Launcher.exe
.exe windows:6 windows x86 arch:x86

Password: infected

ff510448050ae8e644fd53aefa325d4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
CreateProcessW
WriteConsoleW
HeapSize
CreateFileW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
HeapFree
CloseHandle
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetProcessHeap
ReadConsoleW
SetEndOfFile

user32

MessageBoxW

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/OnlineFix.ini
MSC_Fix_Repair_Steam_Generic/OnlineFix.url
MSC_Fix_Repair_Steam_Generic/OnlineFix64.dll
.dll windows:6 windows x64 arch:x64

Password: infected

10c1b70987e42d05f256c6e82924ec7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

GetUserObjectInformationW

shell32

SHGetSpecialFolderPathA

ws2_32

ioctlsocket

wldap32

ord27

advapi32

RegisterEventSourceW

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
OnlineFix
ShellExecuteA
ShellExecuteW
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write
hid_write_output_report

Sections

.text
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 609KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.of0
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.of1
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.of2
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/SteamOverlay64.dll
.dll windows:6 windows x64 arch:x64

Password: infected

fd9c9736fbc202d1a20e83d97ea0979b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
LoadLibraryExW
ExitProcess
CloseHandle
WriteConsoleW
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

user32

MessageBoxW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Exports

Exports

OnlineFix

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/dlllist.txt
MSC_Fix_Repair_Steam_Generic/doorstop_config.ini
MSC_Fix_Repair_Steam_Generic/launch_data.of
MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/0Harmony.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/BeerMP.Preloader.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/BeerMP.dll
.dll windows:4 windows x86 arch:x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 18.4MB - Virtual size: 18.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/mysummercar_Data/Managed/discord_game_sdk.dll
.dll windows:6 windows x64 arch:x64

Password: infected

e2e8552d3acf24f9596a702c655d73d8

Code Sign

02:8a:a6:e7:b5:16:c0:d1:55:f1:5d:62:90:a4:30:e3
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/03/2018, 00:00

Not After

31/03/2021, 12:00

Subject

SERIALNUMBER=5128862,CN=Discord Inc.,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:64:b0:ac:d8:16:1d:e5:87:74:8b:bc:b7:69:1b:a6:ef:fe:9d:d6
Signer

Actual PE Digest

1b:64:b0:ac:d8:16:1d:e5:87:74:8b:bc:b7:69:1b:a6:ef:fe:9d:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

closesocket
sendto
getaddrinfo
WSAStartup
freeaddrinfo
WSACleanup
WSASocketW
ioctlsocket
recv
bind
WSAGetLastError

kernel32

LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetModuleHandleExW
LoadLibraryExW
TlsFree
InitializeCriticalSectionAndSpinCount
EncodePointer
LoadLibraryW
GetLastError
GetProcAddress
FreeLibrary
GetModuleFileNameW
SetErrorMode
SetThreadErrorMode
lstrlenW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetFileInformationByHandle
CancelIoEx
WriteFile
ReadFile
GetOverlappedResult
FlushFileBuffers
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
SetHandleInformation
GetSystemInfo
RtlVirtualUnwind
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThread
RtlCaptureContext
LoadLibraryA
DeleteCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
FindClose
SwitchToThread
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetTempPathW
GetCommandLineW
SetFilePointerEx
InitializeCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcessId
GetProcessHeap
HeapAlloc
TlsAlloc
TlsGetValue
TlsSetValue
HeapReAlloc
GetModuleHandleW
GetStdHandle
FindNextFileW
CreateFileW
DeviceIoControl
CreateDirectoryW
FindFirstFileW
DeleteFileW
FormatMessageW
ExitProcess
CreateThread
GetConsoleMode
WriteConsoleW
ReleaseMutex
WaitForSingleObjectEx
CreateMutexA
InterlockedFlushSList
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
GetConsoleCP
GetCurrentProcess
HeapFree
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
InitializeSListHead
GetCurrentThreadId

advapi32

SystemFunction036
RegCloseKey
RegCreateKeyTransactedW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

ktmw32

CommitTransaction
CreateTransaction

ole32

CoTaskMemFree

shell32

ShellExecuteExW
SHGetKnownFolderPath

Exports

Exports

DiscordCreate
DiscordVersion
rust_eh_personality

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 851KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/steam_api64.dll
.dll windows:5 windows x64 arch:x64

477f42e8df284016fc9a7250f8f9a472

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:4c:af:4d:f4:99:14:1d:40:4b:71:99:aa:2c:21:31
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/09/2015, 00:00

Not After

03/10/2018, 12:00

Subject

CN=Valve,O=Valve,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e5:51:ad:3b:c2:55:87:c2:6b:b3:c3:72:55:be:0b:eb:f6:d2:14:66
Signer

Actual PE Digest

e5:51:ad:3b:c2:55:87:c2:6b:b3:c3:72:55:be:0b:eb:f6:d2:14:66

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetExitCodeProcess
GetEnvironmentVariableA
SetEnvironmentVariableA
OutputDebugStringA
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
FreeLibrary
GetCommandLineW
GetProcAddress
CreateFileW
WriteConsoleW
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetCurrentThreadId
IsProcessorFeaturePresent
ExitProcess
AreFileApisANSI
HeapSize
GetProcessHeap
GetStdHandle
WriteFile
SetLastError
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteCriticalSection
GetFileType
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
HeapReAlloc
OutputDebugStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
ReadFile
ReadConsoleW
SetFilePointerEx
SetEndOfFile

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

CAssociateWithClanResult_t_RemoveCallResult
CAssociateWithClanResult_t_SetCallResult
CCheckFileSignature_t_RemoveCallResult
CCheckFileSignature_t_SetCallResult
CClanOfficerListResponse_t_RemoveCallResult
CClanOfficerListResponse_t_SetCallResult
CComputeNewPlayerCompatibilityResult_t_RemoveCallResult
CComputeNewPlayerCompatibilityResult_t_SetCallResult
CCreateItemResult_t_RemoveCallResult
CCreateItemResult_t_SetCallResult
CEncryptedAppTicketResponse_t_RemoveCallResult
CEncryptedAppTicketResponse_t_SetCallResult
CFileDetailsResult_t_RemoveCallResult
CFileDetailsResult_t_SetCallResult
CFriendsEnumerateFollowingList_t_RemoveCallResult
CFriendsEnumerateFollowingList_t_SetCallResult
CFriendsGetFollowerCount_t_RemoveCallResult
CFriendsGetFollowerCount_t_SetCallResult
CFriendsIsFollowing_t_RemoveCallResult
CFriendsIsFollowing_t_SetCallResult
CGSReputation_t_RemoveCallResult
CGSReputation_t_SetCallResult
CGSStatsReceived_t_RemoveCallResult
CGSStatsReceived_t_SetCallResult
CGSStatsStored_t_RemoveCallResult
CGSStatsStored_t_SetCallResult
CGetUserItemVoteResult_t_RemoveCallResult
CGetUserItemVoteResult_t_SetCallResult
CGlobalAchievementPercentagesReady_t_RemoveCallResult
CGlobalAchievementPercentagesReady_t_SetCallResult
CGlobalStatsReceived_t_RemoveCallResult
CGlobalStatsReceived_t_SetCallResult
CHTML_BrowserReady_t_RemoveCallResult
CHTML_BrowserReady_t_SetCallResult
CJoinClanChatRoomCompletionResult_t_RemoveCallResult
CJoinClanChatRoomCompletionResult_t_SetCallResult
CLeaderboardFindResult_t_RemoveCallResult
CLeaderboardFindResult_t_SetCallResult
CLeaderboardScoreUploaded_t_RemoveCallResult
CLeaderboardScoreUploaded_t_SetCallResult
CLeaderboardScoresDownloaded_t_RemoveCallResult
CLeaderboardScoresDownloaded_t_SetCallResult
CLeaderboardUGCSet_t_RemoveCallResult
CLeaderboardUGCSet_t_SetCallResult
CLobbyCreated_t_RemoveCallResult
CLobbyCreated_t_SetCallResult
CLobbyEnter_t_RemoveCallResult
CLobbyEnter_t_SetCallResult
CLobbyMatchList_t_RemoveCallResult
CLobbyMatchList_t_SetCallResult
CNumberOfCurrentPlayers_t_RemoveCallResult
CNumberOfCurrentPlayers_t_SetCallResult
CRemoteStorageDeletePublishedFileResult_t_RemoveCallResult
CRemoteStorageDeletePublishedFileResult_t_SetCallResult
CRemoteStorageDownloadUGCResult_t_RemoveCallResult
CRemoteStorageDownloadUGCResult_t_SetCallResult
CRemoteStorageEnumeratePublishedFilesByUserActionResult_t_RemoveCallResult
CRemoteStorageEnumeratePublishedFilesByUserActionResult_t_SetCallResult
CRemoteStorageEnumerateUserPublishedFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateUserPublishedFilesResult_t_SetCallResult
CRemoteStorageEnumerateUserSubscribedFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateUserSubscribedFilesResult_t_SetCallResult
CRemoteStorageEnumerateWorkshopFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateWorkshopFilesResult_t_SetCallResult
CRemoteStorageFileReadAsyncComplete_t_RemoveCallResult
CRemoteStorageFileReadAsyncComplete_t_SetCallResult
CRemoteStorageFileShareResult_t_RemoveCallResult
CRemoteStorageFileShareResult_t_SetCallResult
CRemoteStorageFileWriteAsyncComplete_t_RemoveCallResult
CRemoteStorageFileWriteAsyncComplete_t_SetCallResult
CRemoteStorageGetPublishedFileDetailsResult_t_RemoveCallResult
CRemoteStorageGetPublishedFileDetailsResult_t_SetCallResult
CRemoteStorageGetPublishedItemVoteDetailsResult_t_RemoveCallResult
CRemoteStorageGetPublishedItemVoteDetailsResult_t_SetCallResult
CRemoteStoragePublishFileProgress_t_RemoveCallResult
CRemoteStoragePublishFileProgress_t_SetCallResult
CRemoteStorageSetUserPublishedFileActionResult_t_RemoveCallResult
CRemoteStorageSetUserPublishedFileActionResult_t_SetCallResult
CRemoteStorageSubscribePublishedFileResult_t_RemoveCallResult
CRemoteStorageSubscribePublishedFileResult_t_SetCallResult
CRemoteStorageUnsubscribePublishedFileResult_t_RemoveCallResult
CRemoteStorageUnsubscribePublishedFileResult_t_SetCallResult
CRemoteStorageUpdatePublishedFileResult_t_RemoveCallResult
CRemoteStorageUpdatePublishedFileResult_t_SetCallResult
CRemoteStorageUpdateUserPublishedItemVoteResult_t_RemoveCallResult
CRemoteStorageUpdateUserPublishedItemVoteResult_t_SetCallResult
CSetPersonaNameResponse_t_RemoveCallResult
CSetPersonaNameResponse_t_SetCallResult
CSetUserItemVoteResult_t_RemoveCallResult
CSetUserItemVoteResult_t_SetCallResult
CStartPlaytimeTrackingResult_t_RemoveCallResult
CStartPlaytimeTrackingResult_t_SetCallResult
CSteamInventoryEligiblePromoItemDefIDs_t_RemoveCallResult
CSteamInventoryEligiblePromoItemDefIDs_t_SetCallResult
CSteamUGCQueryCompleted_t_RemoveCallResult
CSteamUGCQueryCompleted_t_SetCallResult
CStopPlaytimeTrackingResult_t_RemoveCallResult
CStopPlaytimeTrackingResult_t_SetCallResult
CStoreAuthURLResponse_t_RemoveCallResult
CStoreAuthURLResponse_t_SetCallResult
CSubmitItemUpdateResult_t_RemoveCallResult
CSubmitItemUpdateResult_t_SetCallResult
CUserFavoriteItemsListChanged_t_RemoveCallResult
CUserFavoriteItemsListChanged_t_SetCallResult
CUserStatsReceived_t_RemoveCallResult
CUserStatsReceived_t_RemoveCallback
CUserStatsReceived_t_SetCallResult
CUserStatsReceived_t_SetCallback
GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_ISteamAppList_GetAppBuildId
SteamAPI_ISteamAppList_GetAppInstallDir
SteamAPI_ISteamAppList_GetAppName
SteamAPI_ISteamAppList_GetInstalledApps
SteamAPI_ISteamAppList_GetNumInstalledApps
SteamAPI_ISteamApps_BGetDLCDataByIndex
SteamAPI_ISteamApps_BIsAppInstalled
SteamAPI_ISteamApps_BIsCybercafe
SteamAPI_ISteamApps_BIsDlcInstalled
SteamAPI_ISteamApps_BIsLowViolence
SteamAPI_ISteamApps_BIsSubscribed
SteamAPI_ISteamApps_BIsSubscribedApp
SteamAPI_ISteamApps_BIsSubscribedFromFreeWeekend
SteamAPI_ISteamApps_BIsVACBanned
SteamAPI_ISteamApps_GetAppBuildId
SteamAPI_ISteamApps_GetAppInstallDir
SteamAPI_ISteamApps_GetAppOwner
SteamAPI_ISteamApps_GetAvailableGameLanguages
SteamAPI_ISteamApps_GetCurrentBetaName
SteamAPI_ISteamApps_GetCurrentGameLanguage
SteamAPI_ISteamApps_GetDLCCount
SteamAPI_ISteamApps_GetDlcDownloadProgress
SteamAPI_ISteamApps_GetEarliestPurchaseUnixTime
SteamAPI_ISteamApps_GetFileDetails
SteamAPI_ISteamApps_GetInstalledDepots
SteamAPI_ISteamApps_GetLaunchQueryParam
SteamAPI_ISteamApps_InstallDLC
SteamAPI_ISteamApps_MarkContentCorrupt
SteamAPI_ISteamApps_RequestAllProofOfPurchaseKeys
SteamAPI_ISteamApps_RequestAppProofOfPurchaseKey
SteamAPI_ISteamApps_UninstallDLC
SteamAPI_ISteamClient_BReleaseSteamPipe
SteamAPI_ISteamClient_BShutdownIfAllPipesClosed
SteamAPI_ISteamClient_ConnectToGlobalUser
SteamAPI_ISteamClient_CreateLocalUser
SteamAPI_ISteamClient_CreateSteamPipe
SteamAPI_ISteamClient_GetIPCCallCount
SteamAPI_ISteamClient_GetISteamAppList
SteamAPI_ISteamClient_GetISteamApps
SteamAPI_ISteamClient_GetISteamController
SteamAPI_ISteamClient_GetISteamFriends
SteamAPI_ISteamClient_GetISteamGameServer
SteamAPI_ISteamClient_GetISteamGameServerStats
SteamAPI_ISteamClient_GetISteamGenericInterface
SteamAPI_ISteamClient_GetISteamHTMLSurface
SteamAPI_ISteamClient_GetISteamHTTP
SteamAPI_ISteamClient_GetISteamInventory
SteamAPI_ISteamClient_GetISteamMatchmaking
SteamAPI_ISteamClient_GetISteamMatchmakingServers
SteamAPI_ISteamClient_GetISteamMusic
SteamAPI_ISteamClient_GetISteamMusicRemote
SteamAPI_ISteamClient_GetISteamNetworking
SteamAPI_ISteamClient_GetISteamRemoteStorage
SteamAPI_ISteamClient_GetISteamScreenshots
SteamAPI_ISteamClient_GetISteamUGC
SteamAPI_ISteamClient_GetISteamUnifiedMessages
SteamAPI_ISteamClient_GetISteamUser
SteamAPI_ISteamClient_GetISteamUserStats
SteamAPI_ISteamClient_GetISteamUtils
SteamAPI_ISteamClient_GetISteamVideo
SteamAPI_ISteamClient_ReleaseUser
SteamAPI_ISteamClient_SetLocalIPBinding
SteamAPI_ISteamClient_SetWarningMessageHook
SteamAPI_ISteamController_ActivateActionSet
SteamAPI_ISteamController_GetActionSetHandle
SteamAPI_ISteamController_GetAnalogActionData
SteamAPI_ISteamController_GetAnalogActionHandle
SteamAPI_ISteamController_GetAnalogActionOrigins
SteamAPI_ISteamController_GetConnectedControllers
SteamAPI_ISteamController_GetControllerForGamepadIndex
SteamAPI_ISteamController_GetCurrentActionSet
SteamAPI_ISteamController_GetDigitalActionData
SteamAPI_ISteamController_GetDigitalActionHandle
SteamAPI_ISteamController_GetDigitalActionOrigins
SteamAPI_ISteamController_GetGamepadIndexForController
SteamAPI_ISteamController_GetGlyphForActionOrigin
SteamAPI_ISteamController_GetMotionData
SteamAPI_ISteamController_GetStringForActionOrigin
SteamAPI_ISteamController_Init
SteamAPI_ISteamController_RunFrame
SteamAPI_ISteamController_SetLEDColor
SteamAPI_ISteamController_ShowAnalogActionOrigins
SteamAPI_ISteamController_ShowBindingPanel
SteamAPI_ISteamController_ShowDigitalActionOrigins
SteamAPI_ISteamController_Shutdown
SteamAPI_ISteamController_StopAnalogActionMomentum
SteamAPI_ISteamController_TriggerHapticPulse
SteamAPI_ISteamController_TriggerRepeatedHapticPulse
SteamAPI_ISteamController_TriggerVibration
SteamAPI_ISteamFriends_ActivateGameOverlay
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayToStore
SteamAPI_ISteamFriends_ActivateGameOverlayToUser
SteamAPI_ISteamFriends_ActivateGameOverlayToWebPage
SteamAPI_ISteamFriends_ClearRichPresence
SteamAPI_ISteamFriends_CloseClanChatWindowInSteam
SteamAPI_ISteamFriends_DownloadClanActivityCounts
SteamAPI_ISteamFriends_EnumerateFollowingList
SteamAPI_ISteamFriends_GetChatMemberByIndex
SteamAPI_ISteamFriends_GetClanActivityCounts
SteamAPI_ISteamFriends_GetClanByIndex
SteamAPI_ISteamFriends_GetClanChatMemberCount
SteamAPI_ISteamFriends_GetClanChatMessage
SteamAPI_ISteamFriends_GetClanCount
SteamAPI_ISteamFriends_GetClanName
SteamAPI_ISteamFriends_GetClanOfficerByIndex
SteamAPI_ISteamFriends_GetClanOfficerCount
SteamAPI_ISteamFriends_GetClanOwner
SteamAPI_ISteamFriends_GetClanTag
SteamAPI_ISteamFriends_GetCoplayFriend
SteamAPI_ISteamFriends_GetCoplayFriendCount
SteamAPI_ISteamFriends_GetFollowerCount
SteamAPI_ISteamFriends_GetFriendByIndex
SteamAPI_ISteamFriends_GetFriendCoplayGame
SteamAPI_ISteamFriends_GetFriendCoplayTime
SteamAPI_ISteamFriends_GetFriendCount
SteamAPI_ISteamFriends_GetFriendCountFromSource
SteamAPI_ISteamFriends_GetFriendFromSourceByIndex
SteamAPI_ISteamFriends_GetFriendGamePlayed
SteamAPI_ISteamFriends_GetFriendMessage
SteamAPI_ISteamFriends_GetFriendPersonaName
SteamAPI_ISteamFriends_GetFriendPersonaNameHistory
SteamAPI_ISteamFriends_GetFriendPersonaState
SteamAPI_ISteamFriends_GetFriendRelationship
SteamAPI_ISteamFriends_GetFriendRichPresence
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyByIndex
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyCount
SteamAPI_ISteamFriends_GetFriendSteamLevel
SteamAPI_ISteamFriends_GetFriendsGroupCount
SteamAPI_ISteamFriends_GetFriendsGroupIDByIndex
SteamAPI_ISteamFriends_GetFriendsGroupMembersCount
SteamAPI_ISteamFriends_GetFriendsGroupMembersList
SteamAPI_ISteamFriends_GetFriendsGroupName
SteamAPI_ISteamFriends_GetLargeFriendAvatar
SteamAPI_ISteamFriends_GetMediumFriendAvatar
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_ISteamFriends_GetPersonaState
SteamAPI_ISteamFriends_GetPlayerNickname
SteamAPI_ISteamFriends_GetSmallFriendAvatar
SteamAPI_ISteamFriends_GetUserRestrictions
SteamAPI_ISteamFriends_HasFriend
SteamAPI_ISteamFriends_InviteUserToGame
SteamAPI_ISteamFriends_IsClanChatAdmin
SteamAPI_ISteamFriends_IsClanChatWindowOpenInSteam
SteamAPI_ISteamFriends_IsFollowing
SteamAPI_ISteamFriends_IsUserInSource
SteamAPI_ISteamFriends_JoinClanChatRoom
SteamAPI_ISteamFriends_LeaveClanChatRoom
SteamAPI_ISteamFriends_OpenClanChatWindowInSteam
SteamAPI_ISteamFriends_ReplyToFriendMessage
SteamAPI_ISteamFriends_RequestClanOfficerList
SteamAPI_ISteamFriends_RequestFriendRichPresence
SteamAPI_ISteamFriends_RequestUserInformation
SteamAPI_ISteamFriends_SendClanChatMessage
SteamAPI_ISteamFriends_SetInGameVoiceSpeaking
SteamAPI_ISteamFriends_SetListenForFriendsMessages
SteamAPI_ISteamFriends_SetPersonaName
SteamAPI_ISteamFriends_SetPlayedWith
SteamAPI_ISteamFriends_SetRichPresence
SteamAPI_ISteamGameServerStats_ClearUserAchievement
SteamAPI_ISteamGameServerStats_GetUserAchievement
SteamAPI_ISteamGameServerStats_GetUserStat
SteamAPI_ISteamGameServerStats_GetUserStat0
SteamAPI_ISteamGameServerStats_RequestUserStats
SteamAPI_ISteamGameServerStats_SetUserAchievement
SteamAPI_ISteamGameServerStats_SetUserStat
SteamAPI_ISteamGameServerStats_SetUserStat0
SteamAPI_ISteamGameServerStats_StoreUserStats
SteamAPI_ISteamGameServerStats_UpdateUserAvgRateStat
SteamAPI_ISteamGameServer_AssociateWithClan
SteamAPI_ISteamGameServer_BLoggedOn
SteamAPI_ISteamGameServer_BSecure
SteamAPI_ISteamGameServer_BUpdateUserData
SteamAPI_ISteamGameServer_BeginAuthSession
SteamAPI_ISteamGameServer_CancelAuthTicket
SteamAPI_ISteamGameServer_ClearAllKeyValues
SteamAPI_ISteamGameServer_ComputeNewPlayerCompatibility
SteamAPI_ISteamGameServer_CreateUnauthenticatedUserConnection
SteamAPI_ISteamGameServer_EnableHeartbeats
SteamAPI_ISteamGameServer_EndAuthSession
SteamAPI_ISteamGameServer_ForceHeartbeat
SteamAPI_ISteamGameServer_GetAuthSessionTicket
SteamAPI_ISteamGameServer_GetGameplayStats
SteamAPI_ISteamGameServer_GetNextOutgoingPacket
SteamAPI_ISteamGameServer_GetPublicIP
SteamAPI_ISteamGameServer_GetServerReputation
SteamAPI_ISteamGameServer_GetSteamID
SteamAPI_ISteamGameServer_HandleIncomingPacket
SteamAPI_ISteamGameServer_InitGameServer
SteamAPI_ISteamGameServer_LogOff
SteamAPI_ISteamGameServer_LogOn
SteamAPI_ISteamGameServer_LogOnAnonymous
SteamAPI_ISteamGameServer_RequestUserGroupStatus
SteamAPI_ISteamGameServer_SendUserConnectAndAuthenticate
SteamAPI_ISteamGameServer_SendUserDisconnect
SteamAPI_ISteamGameServer_SetBotPlayerCount
SteamAPI_ISteamGameServer_SetDedicatedServer
SteamAPI_ISteamGameServer_SetGameData
SteamAPI_ISteamGameServer_SetGameDescription
SteamAPI_ISteamGameServer_SetGameTags
SteamAPI_ISteamGameServer_SetHeartbeatInterval
SteamAPI_ISteamGameServer_SetKeyValue
SteamAPI_ISteamGameServer_SetMapName
SteamAPI_ISteamGameServer_SetMaxPlayerCount
SteamAPI_ISteamGameServer_SetModDir
SteamAPI_ISteamGameServer_SetPasswordProtected
SteamAPI_ISteamGameServer_SetProduct
SteamAPI_ISteamGameServer_SetRegion
SteamAPI_ISteamGameServer_SetServerName
SteamAPI_ISteamGameServer_SetSpectatorPort
SteamAPI_ISteamGameServer_SetSpectatorServerName
SteamAPI_ISteamGameServer_UserHasLicenseForApp
SteamAPI_ISteamGameServer_WasRestartRequested
SteamAPI_ISteamHTMLSurface_AddHeader
SteamAPI_ISteamHTMLSurface_AllowStartRequest
SteamAPI_ISteamHTMLSurface_CopyToClipboard
SteamAPI_ISteamHTMLSurface_CreateBrowser
SteamAPI_ISteamHTMLSurface_DestructISteamHTMLSurface
SteamAPI_ISteamHTMLSurface_ExecuteJavascript
SteamAPI_ISteamHTMLSurface_Find
SteamAPI_ISteamHTMLSurface_GetLinkAtPosition
SteamAPI_ISteamHTMLSurface_GoBack
SteamAPI_ISteamHTMLSurface_GoForward
SteamAPI_ISteamHTMLSurface_Init
SteamAPI_ISteamHTMLSurface_JSDialogResponse
SteamAPI_ISteamHTMLSurface_KeyChar
SteamAPI_ISteamHTMLSurface_KeyDown
SteamAPI_ISteamHTMLSurface_KeyUp
SteamAPI_ISteamHTMLSurface_LoadURL
SteamAPI_ISteamHTMLSurface_MouseDoubleClick
SteamAPI_ISteamHTMLSurface_MouseDown
SteamAPI_ISteamHTMLSurface_MouseMove
SteamAPI_ISteamHTMLSurface_MouseUp
SteamAPI_ISteamHTMLSurface_MouseWheel
SteamAPI_ISteamHTMLSurface_PasteFromClipboard
SteamAPI_ISteamHTMLSurface_Reload
SteamAPI_ISteamHTMLSurface_RemoveBrowser
SteamAPI_ISteamHTMLSurface_SetBackgroundMode
SteamAPI_ISteamHTMLSurface_SetCookie
SteamAPI_ISteamHTMLSurface_SetHorizontalScroll
SteamAPI_ISteamHTMLSurface_SetKeyFocus
SteamAPI_ISteamHTMLSurface_SetPageScaleFactor
SteamAPI_ISteamHTMLSurface_SetSize
SteamAPI_ISteamHTMLSurface_SetVerticalScroll
SteamAPI_ISteamHTMLSurface_Shutdown
SteamAPI_ISteamHTMLSurface_StopFind
SteamAPI_ISteamHTMLSurface_StopLoad
SteamAPI_ISteamHTMLSurface_ViewSource
SteamAPI_ISteamHTTP_CreateCookieContainer
SteamAPI_ISteamHTTP_CreateHTTPRequest
SteamAPI_ISteamHTTP_DeferHTTPRequest
SteamAPI_ISteamHTTP_GetHTTPDownloadProgressPct
SteamAPI_ISteamHTTP_GetHTTPRequestWasTimedOut
SteamAPI_ISteamHTTP_GetHTTPResponseBodyData
SteamAPI_ISteamHTTP_GetHTTPResponseBodySize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderSize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderValue
SteamAPI_ISteamHTTP_GetHTTPStreamingResponseBodyData
SteamAPI_ISteamHTTP_PrioritizeHTTPRequest
SteamAPI_ISteamHTTP_ReleaseCookieContainer
SteamAPI_ISteamHTTP_ReleaseHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequestAndStreamResponse
SteamAPI_ISteamHTTP_SetCookie
SteamAPI_ISteamHTTP_SetHTTPRequestAbsoluteTimeoutMS
SteamAPI_ISteamHTTP_SetHTTPRequestContextValue
SteamAPI_ISteamHTTP_SetHTTPRequestCookieContainer
SteamAPI_ISteamHTTP_SetHTTPRequestGetOrPostParameter
SteamAPI_ISteamHTTP_SetHTTPRequestHeaderValue
SteamAPI_ISteamHTTP_SetHTTPRequestNetworkActivityTimeout
SteamAPI_ISteamHTTP_SetHTTPRequestRawPostBody
SteamAPI_ISteamHTTP_SetHTTPRequestRequiresVerifiedCertificate
SteamAPI_ISteamHTTP_SetHTTPRequestUserAgentInfo
SteamAPI_ISteamInventory_AddPromoItem
SteamAPI_ISteamInventory_AddPromoItems
SteamAPI_ISteamInventory_CheckResultSteamID
SteamAPI_ISteamInventory_ConsumeItem
SteamAPI_ISteamInventory_DeserializeResult
SteamAPI_ISteamInventory_DestroyResult
SteamAPI_ISteamInventory_ExchangeItems
SteamAPI_ISteamInventory_GenerateItems
SteamAPI_ISteamInventory_GetAllItems
SteamAPI_ISteamInventory_GetEligiblePromoItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionProperty
SteamAPI_ISteamInventory_GetItemsByID
SteamAPI_ISteamInventory_GetResultItems
SteamAPI_ISteamInventory_GetResultStatus
SteamAPI_ISteamInventory_GetResultTimestamp
SteamAPI_ISteamInventory_GrantPromoItems
SteamAPI_ISteamInventory_LoadItemDefinitions
SteamAPI_ISteamInventory_RequestEligiblePromoItemDefinitionsIDs
SteamAPI_ISteamInventory_SendItemDropHeartbeat
SteamAPI_ISteamInventory_SerializeResult
SteamAPI_ISteamInventory_TradeItems
SteamAPI_ISteamInventory_TransferItemQuantity
SteamAPI_ISteamInventory_TriggerItemDrop
SteamAPI_ISteamMatchmakingPingResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingPingResponse_ServerResponded
SteamAPI_ISteamMatchmakingPlayersResponse_AddPlayerToList
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersFailedToRespond
SteamAPI_ISteamMatchmakingPlayersResponse_PlayersRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesFailedToRespond
SteamAPI_ISteamMatchmakingRulesResponse_RulesRefreshComplete
SteamAPI_ISteamMatchmakingRulesResponse_RulesResponded
SteamAPI_ISteamMatchmakingServerListResponse_RefreshComplete
SteamAPI_ISteamMatchmakingServerListResponse_ServerFailedToRespond
SteamAPI_ISteamMatchmakingServerListResponse_ServerResponded
SteamAPI_ISteamMatchmakingServers_CancelQuery
SteamAPI_ISteamMatchmakingServers_CancelServerQuery
SteamAPI_ISteamMatchmakingServers_GetServerCount
SteamAPI_ISteamMatchmakingServers_GetServerDetails
SteamAPI_ISteamMatchmakingServers_IsRefreshing
SteamAPI_ISteamMatchmakingServers_PingServer
SteamAPI_ISteamMatchmakingServers_PlayerDetails
SteamAPI_ISteamMatchmakingServers_RefreshQuery
SteamAPI_ISteamMatchmakingServers_RefreshServer
SteamAPI_ISteamMatchmakingServers_ReleaseRequest
SteamAPI_ISteamMatchmakingServers_RequestFavoritesServerList
SteamAPI_ISteamMatchmakingServers_RequestFriendsServerList
SteamAPI_ISteamMatchmakingServers_RequestHistoryServerList
SteamAPI_ISteamMatchmakingServers_RequestInternetServerList
SteamAPI_ISteamMatchmakingServers_RequestLANServerList
SteamAPI_ISteamMatchmakingServers_RequestSpectatorServerList
SteamAPI_ISteamMatchmakingServers_ServerRules
SteamAPI_ISteamMatchmaking_AddFavoriteGame
SteamAPI_ISteamMatchmaking_AddRequestLobbyListCompatibleMembersFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListDistanceFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListFilterSlotsAvailable
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNearValueFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListNumericalFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListResultCountFilter
SteamAPI_ISteamMatchmaking_AddRequestLobbyListStringFilter
SteamAPI_ISteamMatchmaking_CreateLobby
SteamAPI_ISteamMatchmaking_DeleteLobbyData
SteamAPI_ISteamMatchmaking_GetFavoriteGame
SteamAPI_ISteamMatchmaking_GetFavoriteGameCount
SteamAPI_ISteamMatchmaking_GetLobbyByIndex
SteamAPI_ISteamMatchmaking_GetLobbyChatEntry
SteamAPI_ISteamMatchmaking_GetLobbyData
SteamAPI_ISteamMatchmaking_GetLobbyDataByIndex
SteamAPI_ISteamMatchmaking_GetLobbyDataCount
SteamAPI_ISteamMatchmaking_GetLobbyGameServer
SteamAPI_ISteamMatchmaking_GetLobbyMemberByIndex
SteamAPI_ISteamMatchmaking_GetLobbyMemberData
SteamAPI_ISteamMatchmaking_GetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_GetLobbyOwner
SteamAPI_ISteamMatchmaking_GetNumLobbyMembers
SteamAPI_ISteamMatchmaking_InviteUserToLobby
SteamAPI_ISteamMatchmaking_JoinLobby
SteamAPI_ISteamMatchmaking_LeaveLobby
SteamAPI_ISteamMatchmaking_RemoveFavoriteGame
SteamAPI_ISteamMatchmaking_RequestLobbyData
SteamAPI_ISteamMatchmaking_RequestLobbyList
SteamAPI_ISteamMatchmaking_SendLobbyChatMsg
SteamAPI_ISteamMatchmaking_SetLinkedLobby
SteamAPI_ISteamMatchmaking_SetLobbyData
SteamAPI_ISteamMatchmaking_SetLobbyGameServer
SteamAPI_ISteamMatchmaking_SetLobbyJoinable
SteamAPI_ISteamMatchmaking_SetLobbyMemberData
SteamAPI_ISteamMatchmaking_SetLobbyMemberLimit
SteamAPI_ISteamMatchmaking_SetLobbyOwner
SteamAPI_ISteamMatchmaking_SetLobbyType
SteamAPI_ISteamMusicRemote_BActivationSuccess
SteamAPI_ISteamMusicRemote_BIsCurrentMusicRemote
SteamAPI_ISteamMusicRemote_CurrentEntryDidChange
SteamAPI_ISteamMusicRemote_CurrentEntryIsAvailable
SteamAPI_ISteamMusicRemote_CurrentEntryWillChange
SteamAPI_ISteamMusicRemote_DeregisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_EnableLooped
SteamAPI_ISteamMusicRemote_EnablePlayNext
SteamAPI_ISteamMusicRemote_EnablePlayPrevious
SteamAPI_ISteamMusicRemote_EnablePlaylists
SteamAPI_ISteamMusicRemote_EnableQueue
SteamAPI_ISteamMusicRemote_EnableShuffled
SteamAPI_ISteamMusicRemote_PlaylistDidChange
SteamAPI_ISteamMusicRemote_PlaylistWillChange
SteamAPI_ISteamMusicRemote_QueueDidChange
SteamAPI_ISteamMusicRemote_QueueWillChange
SteamAPI_ISteamMusicRemote_RegisterSteamMusicRemote
SteamAPI_ISteamMusicRemote_ResetPlaylistEntries
SteamAPI_ISteamMusicRemote_ResetQueueEntries
SteamAPI_ISteamMusicRemote_SetCurrentPlaylistEntry
SteamAPI_ISteamMusicRemote_SetCurrentQueueEntry
SteamAPI_ISteamMusicRemote_SetDisplayName
SteamAPI_ISteamMusicRemote_SetPNGIcon_64x64
SteamAPI_ISteamMusicRemote_SetPlaylistEntry

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/winhttp.dll
.dll windows:6 windows x64 arch:x64

125f64c555a4e74d89ade10d51126f5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
GetFileAttributesW
GetFullPathNameW
HeapFree
LocalFree
lstrcmpiW
GetPrivateProfileStringW
HeapAlloc
GetStdHandle
GetCommandLineA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
GetFileSize
ReadFile
CloseHandle
GetLastError
GetProcessHeap
ExitProcess
GetSystemDirectoryW
VirtualProtect
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryW
lstrcmpA
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte

user32

MessageBoxW
wsprintfW

shell32

CommandLineToArgvW

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
Private1
SvchostPushServiceGlobals
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
WinHttpAddRequestHeaders
WinHttpAutoProxySvcMain
WinHttpCheckPlatform
WinHttpCloseHandle
WinHttpConnect
WinHttpConnectionDeletePolicyEntries
WinHttpConnectionDeleteProxyInfo
WinHttpConnectionFreeNameList
WinHttpConnectionFreeProxyInfo
WinHttpConnectionFreeProxyList
WinHttpConnectionGetNameList
WinHttpConnectionGetProxyInfo
WinHttpConnectionGetProxyList
WinHttpConnectionSetPolicyEntries
WinHttpConnectionSetProxyInfo
WinHttpConnectionUpdateIfIndexTable
WinHttpCrackUrl
WinHttpCreateProxyResolver
WinHttpCreateUrl
WinHttpDetectAutoProxyConfigUrl
WinHttpFreeProxyResult
WinHttpFreeProxyResultEx
WinHttpFreeProxySettings
WinHttpGetDefaultProxyConfiguration
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpGetProxyForUrlEx
WinHttpGetProxyForUrlEx2
WinHttpGetProxyForUrlHvsi
WinHttpGetProxyResult
WinHttpGetProxyResultEx
WinHttpGetProxySettingsVersion
WinHttpGetTunnelSocket
WinHttpOpen
WinHttpOpenRequest
WinHttpPacJsWorkerMain
WinHttpProbeConnectivity
WinHttpQueryAuthSchemes
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpQueryOption
WinHttpReadData
WinHttpReadProxySettings
WinHttpReadProxySettingsHvsi
WinHttpReceiveResponse
WinHttpResetAutoProxy
WinHttpSaveProxyCredentials
WinHttpSendRequest
WinHttpSetCredentials
WinHttpSetDefaultProxyConfiguration
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpTimeFromSystemTime
WinHttpTimeToSystemTime
WinHttpWebSocketClose
WinHttpWebSocketCompleteUpgrade
WinHttpWebSocketQueryCloseStatus
WinHttpWebSocketReceive
WinHttpWebSocketSend
WinHttpWebSocketShutdown
WinHttpWriteData
WinHttpWriteProxySettings

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MSC_Fix_Repair_Steam_Generic/winmm.dll
.dll windows:6 windows x64 arch:x64

d87c96e86984e394d8b76e8b7350cb52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetSystemDirectoryW
GetLastError
LoadLibraryW
GetProcAddress
ExitProcess
SetEndOfFile
WriteConsoleW
HeapSize
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
GetLocaleInfoEx
LCMapStringEx
CompareStringEx
GetCPInfo
HeapCreate
VirtualProtect
HeapFree
GetCurrentProcess
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
CloseHandle
HeapAlloc
GetThreadContext
GetCurrentProcessId
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
ReadConsoleW
CreateFileW
RtlUnwind

user32

MessageBoxA
MessageBoxW

Exports

Exports

CloseDriver
DefDriverProc
DriverCallback
DrvGetModuleHandle
GetDriverModuleHandle
NotifyCallbackData
OnlineFix
OpenDriver
PlaySound
PlaySoundA
PlaySoundW
SendDriverMessage
WOW32DriverCallback
WOW32ResolveMultiMediaHandle
WOWAppExit
aux32Message
auxGetDevCapsA
auxGetDevCapsW
auxGetNumDevs
auxGetVolume
auxOutMessage
auxSetVolume
joy32Message
joyConfigChanged
joyGetDevCapsA
joyGetDevCapsW
joyGetNumDevs
joyGetPos
joyGetPosEx
joyGetThreshold
joyReleaseCapture
joySetCapture
joySetThreshold
mci32Message
mciDriverNotify
mciDriverYield
mciExecute
mciFreeCommandResource
mciGetCreatorTask
mciGetDeviceIDA
mciGetDeviceIDFromElementIDA
mciGetDeviceIDFromElementIDW
mciGetDeviceIDW
mciGetDriverData
mciGetErrorStringA
mciGetErrorStringW
mciGetYieldProc
mciLoadCommandResource
mciSendCommandA
mciSendCommandW
mciSendStringA
mciSendStringW
mciSetDriverData
mciSetYieldProc
mid32Message
midiConnect
midiDisconnect
midiInAddBuffer
midiInClose
midiInGetDevCapsA
midiInGetDevCapsW
midiInGetErrorTextA
midiInGetErrorTextW
midiInGetID
midiInGetNumDevs
midiInMessage
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInStop
midiInUnprepareHeader
midiOutCacheDrumPatches
midiOutCachePatches
midiOutClose
midiOutGetDevCapsA
midiOutGetDevCapsW
midiOutGetErrorTextA
midiOutGetErrorTextW
midiOutGetID
midiOutGetNumDevs
midiOutGetVolume
midiOutLongMsg
midiOutMessage
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutSetVolume
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
midiStreamOpen
midiStreamOut
midiStreamPause
midiStreamPosition
midiStreamProperty
midiStreamRestart
midiStreamStop
mixerClose
mixerGetControlDetailsA
mixerGetControlDetailsW
mixerGetDevCapsA
mixerGetDevCapsW
mixerGetID
mixerGetLineControlsA
mixerGetLineControlsW
mixerGetLineInfoA
mixerGetLineInfoW
mixerGetNumDevs
mixerMessage
mixerOpen
mixerSetControlDetails
mmDrvInstall
mmGetCurrentTask
mmTaskBlock
mmTaskCreate
mmTaskSignal
mmTaskYield
mmioAdvance
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioFlush
mmioGetInfo
mmioInstallIOProcA
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRead
mmioRenameA
mmioRenameW
mmioSeek
mmioSendMessage
mmioSetBuffer
mmioSetInfo
mmioStringToFOURCCA
mmioStringToFOURCCW
mmioWrite
mmsystemGetVersion
mod32Message
mxd32Message
sndPlaySoundA
sndPlaySoundW
tid32Message
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetSystemTime
timeGetTime
timeKillEvent
timeSetEvent
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
waveInGetErrorTextW
waveInGetID
waveInGetNumDevs
waveInGetPosition
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInStop
waveInUnprepareHeader
waveOutBreakLoop
waveOutClose
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutGetErrorTextA
waveOutGetErrorTextW
waveOutGetID
waveOutGetNumDevs
waveOutGetPitch
waveOutGetPlaybackRate
waveOutGetPosition
waveOutGetVolume
waveOutMessage
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetPitch
waveOutSetPlaybackRate
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite
wid32Message
wod32Message

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MrPcGamer.url
.url
README !!!.txt
[Game3rb].url
.url

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

ff510448050ae8e644fd53aefa325d4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 137KB - Virtual size: 136KB

.reloc Size: 7KB - Virtual size: 6KB

Password: infected

10c1b70987e42d05f256c6e82924ec7e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ws2_32

wldap32

advapi32

Exports

Exports

Sections

.text Size: - Virtual size: 1.7MB

.rdata Size: - Virtual size: 609KB

.data Size: - Virtual size: 314KB

.pdata Size: - Virtual size: 88KB

_RDATA Size: - Virtual size: 348B

.of0 Size: - Virtual size: 5.2MB

.of1 Size: 512B - Virtual size: 152B

.of2 Size: 10.3MB - Virtual size: 10.3MB

.rsrc Size: 1024B - Virtual size: 664B

.reloc Size: 512B - Virtual size: 284B

Password: infected

fd9c9736fbc202d1a20e83d97ea0979b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 5KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1024B - Virtual size: 672B

.reloc Size: 2KB - Virtual size: 1KB

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 108KB - Virtual size: 108KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 12B

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 137KB - Virtual size: 136KB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: - Virtual size: 1.7MB

.rdata
Size: - Virtual size: 609KB

.data
Size: - Virtual size: 314KB

.pdata
Size: - Virtual size: 88KB

_RDATA
Size: - Virtual size: 348B

.of0
Size: - Virtual size: 5.2MB

.of1
Size: 512B - Virtual size: 152B

.of2
Size: 10.3MB - Virtual size: 10.3MB

.rsrc
Size: 1024B - Virtual size: 664B

.reloc
Size: 512B - Virtual size: 284B

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1024B - Virtual size: 672B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.7MB - Virtual size: 3.7MB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 18.4MB - Virtual size: 18.4MB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

02:8a:a6:e7:b5:16:c0:d1:55:f1:5d:62:90:a4:30:e3
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

1b:64:b0:ac:d8:16:1d:e5:87:74:8b:bc:b7:69:1b:a6:ef:fe:9d:d6
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 851KB - Virtual size: 851KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 130KB - Virtual size: 129KB

.reloc
Size: 9KB - Virtual size: 9KB

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

08:4c:af:4d:f4:99:14:1d:40:4b:71:99:aa:2c:21:31
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

e5:51:ad:3b:c2:55:87:c2:6b:b3:c3:72:55:be:0b:eb:f6:d2:14:66
Signer