bf87da1f0171526589af84dbefbbfdc4

Sharing

Copy URL

Twitter E-mail

General

Target

bf87da1f0171526589af84dbefbbfdc4
Size

7.1MB
MD5

bf87da1f0171526589af84dbefbbfdc4
SHA1

baaf784877a62bd3a1323e1a0c9658ea877d3635
SHA256

d674cb17131246b2353eb0d062fd5121a0219bd3acabcd6399e5354bf3e7300b
SHA512

33b3539ccedc92c65cc6443cefdfd0e165feb2db72412a2b8af8eaa5554802ff747dc42d6b28a8821a56b855a391d8a289a8c38fc8a5e1c84dc7d3edf2a6dbcf
SSDEEP

98304:C12zNVI3PPOlll7XvvQNrUWKOvHHbFyu50w6TIkmTtupwGGcn70GVHYu19c6JK9F:CEHqWDpEKeyu50w6slTg7s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf87da1f0171526589af84dbefbbfdc4

Files

bf87da1f0171526589af84dbefbbfdc4
.dll windows:6 windows x86 arch:x86

97531450dc6b804b60e4449e25522733

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

steam_api

SteamInternal_CreateInterface
SteamInternal_ContextInit
SteamAPI_GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamAPI_Shutdown
SteamAPI_Init

kernel32

TerminateProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetProcAddress
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP

Exports

Exports

_IwAppEntry
_IwAppVersionMajor
_IwAppVersionMinor

Sections

.text
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97531450dc6b804b60e4449e25522733

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

kernel32

Exports

Exports

Sections

.text Size: 5.5MB - Virtual size: 5.5MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 94KB - Virtual size: 2.6MB

STLPORT_ Size: 512B - Virtual size: 32B

.gfids Size: 512B - Virtual size: 376B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 2KB - Virtual size: 1KB

.reloc Size: 261KB - Virtual size: 261KB

.text
Size: 5.5MB - Virtual size: 5.5MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 94KB - Virtual size: 2.6MB

STLPORT_
Size: 512B - Virtual size: 32B

.gfids
Size: 512B - Virtual size: 376B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 2KB - Virtual size: 1KB

.reloc
Size: 261KB - Virtual size: 261KB