SmartSteamEmu64[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SmartSteamEmu64.dll
Size

6.1MB
MD5

b0f933e1a03346d839cd4c3a51c64421
SHA1

2449c5a320f5f049095ddc616d57ebec198770f1
SHA256

815d162dfd7177b95aa8c635fe09eb938896688cdbb518b573b69023f011622e
SHA512

9dfd891bc41e6204a8de3eb0a0cde85aa292ed51bc5ba6242df65248c31ab9c1e7420adca366a965f6d606e59a153dc2ffcd39afc450dda547c7eaff427fb7af
SSDEEP

98304:mCNeiCuEnTPTXt+H5K7PkVxDXru5mevk9x/GqPrJe6YNPgvBEpQDZKFwdnD4T+9c:m6eJuEnT7961

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SmartSteamEmu64.dll

Files

SmartSteamEmu64.dll
.dll windows:5 windows x64 arch:x64

Password: test

5317b1a6241c23b239a3c8e5d48cdb82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Developments\Games\SmartSteamEmu\x64\Release\SmartSteamEmu64.pdb

Imports

kernel32

CloseHandle
CreateThread
GetModuleFileNameW
GetTickCount
TerminateThread
CreateEventW
WaitForSingleObject
TryEnterCriticalSection
SetEvent
GetCurrentThread
Sleep
ResumeThread
SuspendThread
QueryPerformanceCounter
QueryPerformanceFrequency
CreateFileW
ReadFile
GetCurrentProcessId
GetCurrentThreadId
WaitForMultipleObjects
CreateFileA
WriteFile
FindClose
GetFileSize
MoveFileW
GetExitCodeThread
ExpandEnvironmentStringsW
CreateDirectoryW
FindFirstFileW
FindNextFileW
DeleteFileW
ResetEvent
GetSystemPowerStatus
GetProcAddress
LoadLibraryW
FormatMessageA
GetLastError
LocalFree
FreeLibrary
GetPrivateProfileIntW
GetPrivateProfileStringW
GetPrivateProfileSectionW
GetComputerNameW
WritePrivateProfileStringW
CopyFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
MoveFileExW
WideCharToMultiByte
MultiByteToWideChar
WaitNamedPipeW
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
DisconnectNamedPipe
FlushFileBuffers
SetFilePointer
GetModuleHandleExW
GetModuleHandleA
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
CreateProcessW
DeviceIoControl
GetVersionExW
GetWindowsDirectoryA
GetVersion
HeapSetInformation
RtlCaptureContext
RtlVirtualUnwind
GetCurrentProcess
FlushInstructionCache
VirtualProtect
VirtualQuery
GetModuleHandleW
IsDebuggerPresent
UnhandledExceptionFilter
CompareStringW
WriteConsoleW
InitializeSListHead
TlsFree
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetModuleFileNameA
TerminateProcess
GetStringTypeW
GetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
GetProcessHeap
SetEndOfFile
GetConsoleMode
GetConsoleCP
SetStdHandle
HeapSize
FlsAlloc
FlsFree
FlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetStartupInfoW
SetHandleCount
GetFileInformationByHandle
FindFirstFileExA
GetSystemInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryW
InitializeCriticalSection
HeapDestroy
GetDriveTypeA
GetThreadTimes
SwitchToThread
InitializeCriticalSectionAndSpinCount
TlsGetValue
GetCPInfo
LCMapStringW
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
RaiseException
GetCommandLineA
FlsSetValue
GetTimeFormatA
GetDateFormatA
GetFullPathNameA
FindFirstFileExW
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateDirectoryA
HeapAlloc
HeapFree
GetEnvironmentVariableA
lstrcmpW
SignalObjectAndWait
GetThreadPriority
GetPriorityClass
CreateWaitableTimerA
EncodePointer
DecodePointer
ExitProcess
CreateEventA
WaitForSingleObjectEx
SetThreadPriority
LoadLibraryA
VerifyVersionInfoA
VerSetConditionMask
SetLastError
SleepEx
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
GlobalAlloc
GlobalFree
GetVersionExA
CancelWaitableTimer
WaitForMultipleObjectsEx
SetWaitableTimer
HeapCreate

user32

GetForegroundWindow
GetAsyncKeyState
GetWindowThreadProcessId

advapi32

CryptGetHashParam
CryptReleaseContext
CryptHashData
CryptAcquireContextA
CryptCreateHash
GetUserNameW
GetCurrentHwProfileA
RegCloseKey
RegQueryValueExW
CryptDestroyHash

shell32

SHGetFolderPathW

ws2_32

getaddrinfo
freeaddrinfo
getpeername
WSASetLastError
WSAIoctl
__WSAFDIsSet
getsockopt
setsockopt
accept
listen
WSACleanup
WSAStartup
gethostname
WSAGetLastError
ntohs
bind
getsockname
select
htons
connect
gethostbyname
ioctlsocket
closesocket
recv
recvfrom
send
sendto
socket
inet_addr
inet_ntoa
ntohl
htonl

secur32

GetUserNameExW

wldap32

ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46

normaliz

IdnToAscii

winmm

waveInAddBuffer
waveInUnprepareHeader
waveOutUnprepareHeader
waveInClose
waveInPrepareHeader
waveOutGetDevCapsA
waveOutMessage
waveInGetDevCapsA
waveInMessage
waveOutWrite
waveOutGetErrorTextA
waveInOpen
waveInGetErrorTextA
timeEndPeriod
timeBeginPeriod
timeGetTime
waveOutGetNumDevs
waveInGetNumDevs
waveOutGetPosition
waveOutRestart
waveInStart
waveOutPause
waveInReset
waveOutReset
waveOutOpen
waveOutPrepareHeader
waveOutClose

setupapi

SetupDiGetDeviceInterfaceAlias
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInterfaceRegKey
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

ole32

CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoUninitialize
CoInitializeEx
PropVariantClear
CoCreateInstance
CoInitialize

Exports

Exports

Breakpad_SetSteamID
Breakpad_SteamMiniDumpInit
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
GetHSteamPipe
GetHSteamUser
GetSSeApi
InitSSE
MySteamAPI_RegisterCallResult
MySteamAPI_RegisterCallback
MySteamAPI_UnregisterCallResult
MySteamAPI_UnregisterCallback
SSECreateProcess
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_Init
SteamAPI_InitSafe
SteamAPI_IsSteamRunning
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_SetBreakpadAppID
SteamAPI_SetMiniDumpComment
SteamAPI_SetTryCatchCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_UseBreakpadCrashHandler
SteamAPI_WriteMiniDump
SteamAppList
SteamApps
SteamCheckAppOwnership
SteamCleanup
SteamClient
SteamController
SteamController_GetControllerState
SteamController_Init
SteamController_SetOverrideMode
SteamController_Shutdown
SteamController_TriggerHapticPulse
SteamFriends
SteamGameServer
SteamGameServerApps
SteamGameServerHTTP
SteamGameServerNetworking
SteamGameServerStats
SteamGameServerUGC
SteamGameServerUtils
SteamGameServer_BSecure
SteamGameServer_GetHSteamPipe
SteamGameServer_GetHSteamUser
SteamGameServer_GetIPCCallCount
SteamGameServer_GetSteamID
SteamGameServer_Init
SteamGameServer_InitSafe
SteamGameServer_RunCallbacks
SteamGameServer_Shutdown
SteamGetLocalClientVersion
SteamGetVersion
SteamHTMLSurface
SteamHTTP
SteamInventory
SteamIsAppSubscribed
SteamIsLoggedIn
SteamIsSubscribed
SteamLogin
SteamLogout
SteamMatchmaking
SteamMatchmakingServers
SteamMusic
SteamMusicRemote
SteamNetworking
SteamRemoteStorage
SteamShutdownEngine
SteamShutdownSteamBridgeInterface
SteamStartEngine
SteamStartEngineEx
SteamStartup
SteamUGC
SteamUnifiedMessages
SteamUser
SteamUserStats
SteamUtils
SteamVideo
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_GetHSteamUserCurrent
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_RegisterInterfaceFuncs
Steam_ReleaseUser
Steam_RunCallbacks
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
g_pSteamClientGameServer

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: test

5317b1a6241c23b239a3c8e5d48cdb82

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ws2_32

secur32

wldap32

normaliz

winmm

setupapi

ole32

Exports

Exports

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 197KB - Virtual size: 230KB

.pdata Size: 250KB - Virtual size: 250KB

text Size: 4KB - Virtual size: 3KB

data Size: 12KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 70KB - Virtual size: 69KB

.text
Size: 4.2MB - Virtual size: 4.2MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 197KB - Virtual size: 230KB

.pdata
Size: 250KB - Virtual size: 250KB

text
Size: 4KB - Virtual size: 3KB

data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 70KB - Virtual size: 69KB