OnlineFix[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

OnlineFix.zip
Size

7.3MB
MD5

0857dfda3f96cc3d4dc16f2fa39b3946
SHA1

f6d2c52e63d9af2cea2a0e82cf3da99ed562b2ef
SHA256

b3047f53bc6c7998202158816f46df10b79ca31047f9ae4fe34da0007eeb6976
SHA512

3ab3635dba4e84a3b8b99f4726609c68ab3608691c693883c1ec750e12500af622a6ffacd0fa4275a6c29d03ec27a309e8e5a8509cbf5fbb4bc6e85e3c8a4a7a
SSDEEP

196608:yiFVV2TutcnnHZCbr+3VNE9sie1jy2/3pnj0PAGkL/5Vf/Pg:B8KtcH/l6kHVtGkr5pQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OnlineFix.dll

Files

OnlineFix.zip
.zip
OnlineFix.dll
.dll windows:6 windows x86 arch:x86

4560ab5f3cb5d4e0fd636839940fb2ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

shell32

SHGetSpecialFolderPathA

ws2_32

ioctlsocket

wldap32

ord27

advapi32

RegisterEventSourceA

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
OnlineFix
ShellExecuteA
ShellExecuteW
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write
hid_write_output_report

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.of0
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.of1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.of2
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OnlineFix.ini

Sharing

General

Malware Config

Signatures

Files

4560ab5f3cb5d4e0fd636839940fb2ea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ws2_32

wldap32

advapi32

Exports

Exports

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 398KB

.data Size: - Virtual size: 56KB

.of0 Size: - Virtual size: 3.6MB

.of1 Size: 512B - Virtual size: 80B

.of2 Size: 7.6MB - Virtual size: 7.6MB

.rsrc Size: 1024B - Virtual size: 664B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 398KB

.data
Size: - Virtual size: 56KB

.of0
Size: - Virtual size: 3.6MB

.of1
Size: 512B - Virtual size: 80B

.of2
Size: 7.6MB - Virtual size: 7.6MB

.rsrc
Size: 1024B - Virtual size: 664B

.reloc
Size: 2KB - Virtual size: 1KB