steam_ssfner[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

steam_ssfner.zip
Size

9.4MB
MD5

604ef670d322ef90c42cf2a982bef63b
SHA1

435856ab9edb57028a3ec85629af780d0bb9ac2c
SHA256

31e9f88d2343967251e2ef28dfe51eb901ac91fdea16268f1b023e4d00456e51
SHA512

1e0487693bd9293548fccd9d650099c1e66c51b7ae17a0fa12807930a30f33ec5a5946105529bb7851103a35c1b1db7d1d814662d811921aa1d5fd57687c3cc1
SSDEEP

196608:kQaQor/e8U2OW7sT/VnGObK+o6//cTB2Or0DloVAQn0ImqEIpBnrEFj:NbSe8MWg/VGOHMTcOrilxCDEI3YFj

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/flutter_windows.dll
unpack001/steam_ssfner.exe
unpack001/url_launcher_windows_plugin.dll

Files

steam_ssfner.zip
.zip
data/app.so
.elf linux x64
data/flutter_assets/AssetManifest.json
data/flutter_assets/FontManifest.json
data/flutter_assets/NOTICES.Z
.gz
NOTICES.Z
data/flutter_assets/fonts/MaterialIcons-Regular.otf
data/flutter_assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Brandico.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Elusive.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Entypo.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/FontAwesome.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/FontAwesome5.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Fontelico.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Iconic.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/LineariconsFree.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Linecons.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Maki.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Meteocons.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/MfgLabs.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/ModernPictograms.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Octicons.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/RpgAwesome.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Typicons.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/WebSymbols.ttf
data/flutter_assets/packages/fluttericon/lib/fonts/Zocial.ttf
data/icudtl.dat
flutter_windows.dll
.dll windows:5 windows x64 arch:x64

462c7c8dc825cd31e8ec07f164051e15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\b\s\w\ir\cache\builder\src\out\host_release\flutter_windows.dll.pdb

Imports

advapi32

RegGetValueW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
SystemFunction036
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegDeleteKeyW

iphlpapi

GetAdaptersAddresses

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

LoadRegTypeLi
SysFreeString
SysStringLen
SafeArrayCreateVector
LoadTypeLi
VariantCopy
VariantClear
VarUI4FromStr
SafeArrayPutElement
SafeArrayAccessData
VariantInit
SafeArrayDestroy
SysAllocString
SafeArrayUnaccessData

psapi

GetProcessMemoryInfo

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreateSequential

ws2_32

socket
WSAIoctl
getaddrinfo
closesocket
shutdown
connect
setsockopt
freeaddrinfo
recv
send
WSARecv
WSASend
ioctlsocket
WSARecvFrom
gethostname
htons
ntohs
WSAAddressToStringW
WSAStartup
getsockname
getpeername
getnameinfo
InetPtonW
InetNtopW
bind
listen
WSASocketW
getsockopt
WSAGetLastError
WSASendTo
WSASetLastError

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetCandidateWindow
ImmSetCompositionWindow

user32

TrackMouseEvent
ReleaseCapture
SetCapture
GetWindowThreadProcessId
RegisterTouchWindow
SetCaretPos
GetFocus
DestroyCaret
CreateCaret
DefWindowProcW
GetWindowLongPtrW
SetTimer
KillTimer
PostMessageW
UnregisterClassW
GetClientRect
RegisterClassW
SetWindowLongPtrW
CreateWindowExW
GetTouchInputInfo
EmptyClipboard
SystemParametersInfoW
CloseClipboard
GetClipboardData
OpenClipboard
ScreenToClient
GetCursorPos
SetCursor
IsWindowVisible
LoadCursorW
NotifyWinEvent
ClientToScreen
MonitorFromPoint
ReleaseDC
GetDC
MonitorFromWindow
MapVirtualKeyW
GetKeyState
SendInput
CloseTouchInputHandle
PeekMessageW
SetClipboardData
IsIconic
IsWindow
InvalidateRect
DefWindowProcA
LoadCursorA
CharNextW
IsClipboardFormatAvailable
WindowFromDC
RegisterClassA
CreateWindowExA
UnregisterClassA
DestroyWindow
GetMessageExtraInfo

gdi32

GetPixelFormat
SwapBuffers
DescribePixelFormat
SetPixelFormat
ChoosePixelFormat
SetDIBitsToDevice
GetDeviceCaps

opengl32

wglGetProcAddress
wglGetCurrentContext

bcrypt

BCryptGenRandom

oleacc

LresultFromObject

uiautomationcore

UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d9

Direct3DCreate9
D3DPERF_GetStatus
D3DPERF_SetMarker
D3DPERF_BeginEvent
D3DPERF_EndEvent

kernel32

LCMapStringW
CompareStringW
GetCPInfo
GetTickCount
GetModuleHandleExW
QueueUserWorkItem
GetStringTypeW
EncodePointer
RtlPcToFileHeader
GetExitCodeThread
GetLocaleInfoW
TryEnterCriticalSection
AreFileApisANSI
GetFileAttributesExW
FindFirstFileExW
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
SwitchToThread
ReadConsoleW
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
WaitForSingleObjectEx
ResetEvent
SetEvent
IsDebuggerPresent
SetFilePointerEx
GetTempFileNameA
GetTempPathA
GetEnvironmentVariableA
LoadLibraryExA
GetModuleHandleExA
GetModuleHandleA
VerifyVersionInfoW
VerSetConditionMask
LocaleNameToLCID
lstrcmpiW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SleepConditionVariableSRW
VirtualQuery
SetThreadPriority
GetCurrentThread
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
WakeAllConditionVariable
WakeConditionVariable
SleepConditionVariableCS
InitializeConditionVariable
TlsFree
SetFileTime
DeviceIoControl
CopyFileExW
CreateSymbolicLinkW
GetFullPathNameW
UnlockFileEx
LockFileEx
VirtualProtect
SetFileAttributesW
MoveFileExW
GetConsoleScreenBufferInfo
GetExitCodeProcess
UnregisterWait
RegisterWaitForSingleObject
CreateNamedPipeW
GetCurrentProcessId
TerminateProcess
OpenProcess
WaitForMultipleObjects
CreateEventW
CreateProcessW
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLocaleName
GetDriveTypeW
PeekNamedPipe
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
SetEnvironmentVariableW
WriteConsoleW
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
GetThreadTimes
GetVersionExW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetQueuedCompletionStatus
ReadDirectoryChangesW
WriteFile
PostQueuedCompletionStatus
GetFileType
OpenThread
CancelIoEx
CreateIoCompletionPort
SetStdHandle
SetConsoleMode
GetConsoleMode
GetStdHandle
SetConsoleCP
SetConsoleOutputCP
GetConsoleCP
GetConsoleOutputCP
SetConsoleCtrlHandler
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetFinalPathNameByHandleA
ExitProcess
TryAcquireSRWLockExclusive
ReadFile
GetFileSizeEx
LoadLibraryA
GetProcAddress
GetLastError
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetThreadPreferredUILanguages
GetLocaleInfoEx
GetCurrentThreadId
FormatMessageW
OutputDebugStringW
LocalFree
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
DecodePointer
GetProcessHeap
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
CreateSemaphoreW
CloseHandle
WaitForSingleObject
ReleaseSemaphore
RaiseException
GetTempPathW
CreateDirectoryW
CreateFileW
GetCurrentProcess
DuplicateHandle
GetFileInformationByHandle
GetFileAttributesW
RemoveDirectoryW
DeleteFileW
SetFilePointer
SetEndOfFile
FlushViewOfFile
FlushFileBuffers
MoveFileW
FindFirstFileW
FindNextFileW
FindClose
GetFinalPathNameByHandleW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateWaitableTimerW
SetWaitableTimer
LoadLibraryW
FreeLibrary
GetModuleFileNameA
Sleep
GetSystemInfo
VirtualFree
VirtualAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateFileA
FormatMessageA
InitOnceExecuteOnce
InitializeSRWLock
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
TlsGetValue
TlsAlloc
SetLastError
TlsSetValue
GetNativeSystemInfo
OutputDebugStringA
RtlUnwind

crypt32

CertCloseStore
CertOpenStore
CertEnumCertificatesInStore
CertFreeCertificateContext

Exports

Exports

??0PlatformMethods@angle@@QEAA@XZ
??4PlatformMethods@angle@@QEAAAEAU01@$$QEAU01@@Z
??4PlatformMethods@angle@@QEAAAEAU01@AEBU01@@Z
ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
FlutterDesktopEngineCreate
FlutterDesktopEngineDestroy
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineProcessMessages
FlutterDesktopEngineReloadPlatformBrightness
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineRun
FlutterDesktopGetDpiForHWND
FlutterDesktopGetDpiForMonitor
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSetCallback
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarSetDestructionHandler
FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopResyncOutputStreams
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopViewControllerCreate
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerForceRedraw
FlutterDesktopViewControllerGetEngine
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopViewGetHWND

Sections

.text
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 398KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
steam_ssfner.exe
.exe windows:6 windows x64 arch:x64

2a7aef41798a463a0e2b293e89a16bf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

url_launcher_windows_plugin

UrlLauncherWindowsRegisterWithRegistrar

flutter_windows

FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSetCallback
FlutterDesktopViewGetHWND
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerDestroy
FlutterDesktopResyncOutputStreams
FlutterDesktopGetDpiForMonitor
FlutterDesktopEngineCreate
FlutterDesktopViewControllerCreate
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineDestroy

kernel32

GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryA
GetProcAddress
GetModuleHandleW
FreeLibrary
AttachConsole
AllocConsole
WideCharToMultiByte
LocalFree
GetCommandLineW
IsDebuggerPresent

user32

RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
MoveWindow
SetWindowPos
PostQuitMessage
GetClientRect
GetWindowLongPtrW
SetWindowLongPtrW
SetParent
LoadCursorW
LoadIconW
MonitorFromPoint
DefWindowProcW
SetFocus
DispatchMessageW
GetMessageW
TranslateMessage

shell32

CommandLineToArgvW

ole32

CoInitializeEx
CoUninitialize

msvcp140

?sync_with_stdio@ios_base@std@@SA_N_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xbad_function_call@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_terminate
__std_exception_copy
memset
__C_specific_handler
memmove
memcpy
__current_exception_context
__current_exception
memcmp
_CxxThrowException
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_crt_atexit
_invalid_parameter_noinfo_noreturn
_invoke_watson
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
terminate
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit

api-ms-win-crt-stdio-l1-1-0

_fileno
freopen_s
__acrt_iob_func
_dup2
__p__commode
_set_fmode

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
url_launcher_windows_plugin.dll
.dll windows:6 windows x64 arch:x64

850f1184e58d6928c377814b51b189a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopPluginRegistrarGetView
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarSetDestructionHandler

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
DisableThreadLibraryCalls
GetCurrentProcess
SetUnhandledExceptionFilter
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
TerminateProcess
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
CloseHandle

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

msvcp140

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xbad_function_call@std@@YAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

vcruntime140

_CxxThrowException
__std_exception_destroy
__std_exception_copy
__C_specific_handler
memmove
memcmp
memchr
_purecall
__std_terminate
memset
__std_type_info_destroy_list
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_cexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_invoke_watson
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_crt_atexit

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Exports

Exports

UrlLauncherWindowsRegisterWithRegistrar

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

462c7c8dc825cd31e8ec07f164051e15

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

iphlpapi

ole32

oleaut32

psapi

rpcrt4

ws2_32

imm32

user32

gdi32

opengl32

bcrypt

oleacc

uiautomationcore

dxgi

d3d9

kernel32

crypt32

Exports

Exports

Sections

.text Size: 10.3MB - Virtual size: 10.3MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 358KB - Virtual size: 425KB

.pdata Size: 398KB - Virtual size: 397KB

.reloc Size: 124KB - Virtual size: 124KB

2a7aef41798a463a0e2b293e89a16bf7

Headers

DLL Characteristics

File Characteristics

Imports

url_launcher_windows_plugin

flutter_windows

kernel32

user32

shell32

ole32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 188B

850f1184e58d6928c377814b51b189a1

Headers

DLL Characteristics

File Characteristics

Imports

flutter_windows

kernel32

shell32

advapi32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text
Size: 10.3MB - Virtual size: 10.3MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 358KB - Virtual size: 425KB

.pdata
Size: 398KB - Virtual size: 397KB

.reloc
Size: 124KB - Virtual size: 124KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 188B

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 392B