C:\buildslave\unity\build\build\WindowsStandaloneSupport\Variations\win32_nondevelopment_mono\player_win_x86.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
steamfix.zip
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
steamfix.zip
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
steamfix.zip
-
Size
8.7MB
-
MD5
bbfc50867ee8c1cbafbbc9832fabcf9b
-
SHA1
650047a0a9558609ff582b84563b92fed1e4c1ee
-
SHA256
da5dcc72e5f8fdfa1633451a0ef3407b189be8947a650200f523e233faa66e7d
-
SHA512
83d663c9edd236aae8482e8633d4aa697410993cd263a25d41a630b79351f9165867c59392a73f5507d6cdeab724d7e03b930d88a46aa26c6376e01dc55de8dd
-
SSDEEP
196608:OCdLPsgNtZEL/ThADycl4uZ1oZZlrhUIAFf4RC7Y7dEQ258nPv4wt:OiLPlWLFzcfoZZ1hUBf40GE15uX
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/StickFight.exe
Files
-
steamfix.zip.zip
-
StickFight.exe.exe windows:5 windows x86 arch:x86
28acbca203d37b10f75c2bd32b8e00a7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
hid
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetProductString
HidD_GetManufacturerString
HidD_GetSerialNumberString
HidD_GetIndexedString
HidP_GetButtonCaps
HidP_MaxDataListLength
HidD_FreePreparsedData
HidP_GetData
HidP_GetValueCaps
HidD_GetHidGuid
kernel32
InterlockedIncrement
InterlockedDecrement
GetFullPathNameW
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
GetWindowsDirectoryW
FormatMessageA
SystemTimeToFileTime
GetLocalTime
GetTimeZoneInformation
LocalFree
GetSystemInfo
GetModuleFileNameW
InitializeCriticalSection
ResetEvent
GetTickCount
ReadFile
SetFilePointerEx
WriteFile
SetEndOfFile
GetFileAttributesExW
CreateFileW
SetFileAttributesW
GetFileAttributesW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
FindFirstFileExW
SetFilePointer
ReplaceFileW
GetTempFileNameW
LoadLibraryExW
CreateEventW
GlobalUnlock
GlobalLock
GlobalAlloc
RemoveDirectoryW
SetFileTime
GetSystemTime
GetDiskFreeSpaceExA
lstrcpynA
lstrcpyA
lstrcpynW
GetCommandLineW
ExpandEnvironmentStringsW
ResumeThread
GetThreadContext
SuspendThread
OutputDebugStringA
GetEnvironmentVariableA
GetFileAttributesA
GetModuleFileNameA
GetVersionExA
GetCurrentDirectoryA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetSystemPowerStatus
GlobalMemoryStatusEx
GetUserDefaultUILanguage
GetComputerNameW
GetTempPathW
LocalAlloc
SetUnhandledExceptionFilter
OpenEventW
DebugBreak
GetCurrentDirectoryW
GetOverlappedResult
CancelIo
GetFileSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
RaiseException
DecodePointer
EncodePointer
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
ExitProcess
GetModuleHandleA
GetCurrentThreadId
DuplicateHandle
SetConsoleCtrlHandler
ExitThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
FileTimeToSystemTime
GetDriveTypeA
FindFirstFileExA
IsProcessorFeaturePresent
GetStdHandle
GetLocaleInfoW
UnhandledExceptionFilter
TerminateProcess
HeapCreate
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InterlockedExchange
FlushFileBuffers
SetStdHandle
GetStringTypeW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
WriteConsoleW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
GetProcessAffinityMask
InterlockedExchangeAdd
VirtualProtect
VirtualAlloc
VirtualFree
FlushConsoleInputBuffer
SwitchToThread
SetThreadAffinityMask
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
InterlockedFlushSList
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
GetSystemDirectoryA
SetConsoleMode
ReadConsoleInputA
GetDateFormatA
GetTimeFormatA
CreateMutexW
FlushInstructionCache
CreateSemaphoreW
SignalObjectAndWait
VerifyVersionInfoA
ExpandEnvironmentStringsA
GetVersion
SleepEx
GetQueuedCompletionStatus
CreateIoCompletionPort
SetHandleInformation
FormatMessageW
GetSystemTimeAsFileTime
HeapQueryInformation
InitializeCriticalSectionAndSpinCount
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetThreadPriority
CreateThread
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapSize
CreateMutexA
ReleaseMutex
InterlockedCompareExchange
GetModuleHandleW
SetDllDirectoryW
CreateDirectoryW
WaitForSingleObject
WideCharToMultiByte
LoadLibraryA
SetEvent
IsDebuggerPresent
ReleaseSemaphore
WaitForSingleObjectEx
CreateSemaphoreA
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
DeleteFileW
CopyFileW
GetStartupInfoA
LoadLibraryW
GetProcAddress
FreeLibrary
CreateEventA
CloseHandle
Sleep
SetLastError
GetLastError
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
SetErrorMode
user32
SystemParametersInfoW
GetAsyncKeyState
ClientToScreen
RegisterRawInputDevices
GetMessageTime
MapVirtualKeyExA
GetMessagePos
GetRawInputData
GetKeyNameTextW
LoadKeyboardLayoutA
GetRawInputDeviceInfoW
GetRawInputDeviceList
wvsprintfA
GetWindowLongW
SetWindowLongW
PostQuitMessage
GetMonitorInfoA
SetFocus
GetFocus
ShowCursor
SetWindowTextW
GetDlgItem
IsDlgButtonChecked
CopyImage
SetWindowLongA
KillTimer
GetMessageA
PeekMessageA
SetWindowPos
SetCursorPos
RegisterDeviceNotificationW
GetMessageExtraInfo
PtInRect
MessageBoxA
DispatchMessageA
UnregisterDeviceNotification
ReleaseCapture
DestroyIcon
DestroyCursor
ChangeDisplaySettingsA
SetCursor
GetSystemMetrics
GetDC
ReleaseDC
CreateIconIndirect
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
GetCursorPos
WindowFromPoint
IsWindowVisible
GetCaretBlinkTime
MessageBoxW
UpdateWindow
GetKeyState
LoadImageW
DialogBoxParamA
EndDialog
SetForegroundWindow
ScreenToClient
CheckDlgButton
GetAncestor
CreateDialogParamW
PeekMessageW
IsDialogMessageW
DispatchMessageW
MsgWaitForMultipleObjects
SetCapture
RegisterClassExW
DialogBoxParamW
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
CopyRect
OffsetRect
GetDesktopWindow
AdjustWindowRectEx
GetWindowPlacement
ClipCursor
MonitorFromWindow
GetWindowRect
TranslateMessage
GetProcessWindowStation
GetUserObjectInformationW
SendMessageA
UnregisterClassW
DestroyWindow
DefWindowProcW
RegisterClassW
CreateWindowExW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplayDevicesA
GetClientRect
EnableWindow
SetTimer
ShowWindow
GetParent
ValidateRect
CreateDialogParamA
GetWindowLongA
GetThreadDesktop
GetUserObjectInformationA
EnumWindows
RegisterWindowMessageA
SendMessageTimeoutA
IsIconic
LoadCursorA
wsprintfA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
ole32
PropVariantClear
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
StringFromGUID2
CoInitialize
shlwapi
PathFileExistsW
SHDeleteKeyW
PathCanonicalizeW
advapi32
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
OpenProcessToken
GetTokenInformation
GetSidSubAuthority
GetUserNameA
RegOpenKeyExW
RegCreateKeyW
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
gdi32
ChoosePixelFormat
SwapBuffers
GetDeviceCaps
SetPixelFormat
GetObjectA
DeleteObject
CreateBitmap
CreateDIBSection
shell32
SHFileOperationW
SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW
opengl32
wglGetCurrentContext
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetProcAddress
wglGetCurrentDC
winmm
waveInGetNumDevs
timeGetTime
timeEndPeriod
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInGetDevCapsA
waveInGetDevCapsW
waveInStart
waveInOpen
waveInClose
waveInReset
waveOutPrepareHeader
timeBeginPeriod
ws2_32
WSAEnumNetworkEvents
WSAResetEvent
WSAWaitForMultipleEvents
WSACloseEvent
WSAEventSelect
WSACreateEvent
WSASetEvent
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSACleanup
ntohl
htonl
ntohs
htons
getpeername
getprotobyname
recv
gethostbyname
shutdown
listen
accept
WSARecvFrom
WSAIoctl
getnameinfo
getaddrinfo
recvfrom
sendto
send
gethostname
socket
connect
bind
inet_addr
WSAStartup
select
__WSAFDIsSet
inet_ntoa
getsockname
freeaddrinfo
WSASocketA
WSASetLastError
WSAGetLastError
setsockopt
ioctlsocket
getsockopt
closesocket
oleaut32
VariantClear
SysAllocString
SysFreeString
VariantChangeType
VariantInit
imm32
ImmReleaseContext
ImmSetOpenStatus
ImmGetConversionStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmGetContext
ImmSetCompositionStringW
dnsapi
DnsQuery_A
DnsFree
iphlpapi
GetIpAddrTable
winhttp
WinHttpGetIEProxyConfigForCurrentUser
Exports
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Sections
.text Size: 14.2MB - Virtual size: 14.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 257KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.trace Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data1 Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 554KB - Virtual size: 553KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 582KB - Virtual size: 582KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
UltraVNC.ini
-
click me.bat
-
onlinefix1.exe.exe windows:6 windows x86 arch:x86
e17d69c6298036078d46d8e30d522921
Code Sign
48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before25/05/2021, 00:00Not After31/12/2028, 23:59SubjectCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
4c:03:67:0a:31:e6:2b:9f:ac:b9:d2:d3:70:39:bd:07Certificate
IssuerCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBNot Before23/09/2022, 00:00Not After22/09/2025, 23:59SubjectCN=uvnc bvba,O=uvnc bvba,ST=Antwerpen,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate
IssuerCN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GBNot Before22/03/2021, 00:00Not After21/03/2036, 23:59SubjectCN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/05/2023, 00:00Not After02/08/2034, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
e0:4a:78:a1:f2:34:2f:a1:dd:4c:96:a5:df:90:ba:b4:9c:b3:b6:52:7d:14:ef:ad:90:96:c8:66:c4:00:b3:eeSigner
Actual PE Digeste0:4a:78:a1:f2:34:2f:a1:dd:4c:96:a5:df:90:ba:b4:9c:b3:b6:52:7d:14:ef:ad:90:96:c8:66:c4:00:b3:eeDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\rudi\Desktop\git_ultravnc\winvnc\Release\winvnc.pdb
Imports
ws2_32
htons
setsockopt
WSAGetLastError
getsockopt
recv
connect
htonl
gethostbyname
inet_ntoa
bind
socket
WSACleanup
__WSAFDIsSet
accept
gethostname
WSAIoctl
closesocket
select
shutdown
listen
WSAStartup
getpeername
inet_addr
getsockname
send
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
wtsapi32
WTSQueryUserToken
WTSFreeMemory
WTSEnumerateSessionsA
userenv
CreateEnvironmentBlock
ExpandEnvironmentStringsForUserA
DestroyEnvironmentBlock
kernel32
RaiseException
DecodePointer
WritePrivateProfileStructA
OpenProcess
WritePrivateProfileStringA
GetPrivateProfileStructA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileSectionA
CreateFileMappingA
Sleep
CreateThread
MulDiv
VerSetConditionMask
VerifyVersionInfoW
ReadFile
WriteFile
OutputDebugStringA
WaitForMultipleObjects
GetEnvironmentVariableA
WaitForSingleObject
CreateFileW
GetSystemDirectoryW
SetCurrentDirectoryA
lstrcatW
LoadLibraryW
SetFileAttributesA
CreateEventA
WaitNamedPipeW
GetExitCodeProcess
ResumeThread
ResetEvent
CompareFileTime
CreateFileA
GetFileSize
GetFileTime
GetStdHandle
WriteConsoleA
FreeConsole
FormatMessageA
AllocConsole
GetExitCodeThread
MoveFileA
GetDriveTypeA
SetFileTime
SetErrorMode
SetFilePointer
SetEndOfFile
GetFileAttributesA
MoveFileExA
FileTimeToSystemTime
GetLogicalDriveStringsA
SystemTimeToFileTime
CreateDirectoryA
GetSystemTime
FlushFileBuffers
TerminateProcess
VirtualAllocEx
ReadProcessMemory
SetThreadExecutionState
WinExec
WTSGetActiveConsoleSessionId
SizeofResource
FindResourceA
LockResource
LoadResource
CreateMutexA
ReleaseMutex
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleW
SetProcessShutdownParameters
GetVolumeInformationA
ReadConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleOutputCP
GetModuleHandleExW
ExitProcess
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
LoadLibraryExW
EncodePointer
RtlUnwind
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateSemaphoreA
TlsFree
TlsGetValue
TlsAlloc
GetCurrentThread
DuplicateHandle
SetThreadPriority
ReleaseSemaphore
TlsSetValue
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
GetFileType
lstrcatA
lstrcmpiA
lstrcpynA
DosDateTimeToFileTime
GetLocalTime
FileTimeToLocalFileTime
SetVolumeLabelA
LocalFileTimeToFileTime
GetVersion
GetLocaleInfoA
GetFullPathNameA
lstrcpyA
InitializeCriticalSectionAndSpinCount
Process32Next
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
GetCurrentProcessId
TerminateThread
ExitThread
FreeLibraryAndExitThread
GetModuleFileNameW
HeapReAlloc
Process32NextW
GlobalAddAtomA
SetEnvironmentVariableW
ProcessIdToSessionId
CreateToolhelp32Snapshot
Process32First
GetComputerNameA
GetSystemInfo
GetSystemDirectoryA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
DeleteFileA
GetTempPathA
FindClose
FindNextFileA
FindFirstFileA
GetProcessTimes
GetSystemTimeAsFileTime
DeleteCriticalSection
GetModuleHandleA
InitializeCriticalSection
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
CloseHandle
GetVersionExA
SetEvent
GetLastError
GetCurrentThreadId
OpenEventA
GetModuleFileNameA
GetTickCount
FreeLibrary
GetProcessHeap
GetProcAddress
HeapAlloc
LoadLibraryA
lstrlenA
Process32FirstW
SetLastError
HeapFree
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
MultiByteToWideChar
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
CreateDirectoryW
GetFileSizeEx
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
MoveFileExW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
RemoveDirectoryW
HeapSize
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetCPInfo
VirtualFreeEx
user32
LoadStringW
GetSubMenu
SetMenuDefaultItem
DestroyMenu
TrackPopupMenuEx
RemoveMenu
EnableMenuItem
EnableWindow
GetWindow
VkKeyScanA
IsWindow
GetAsyncKeyState
MapVirtualKeyA
ToAscii
SendInput
SetClipboardViewer
GetClipboardOwner
WaitMessage
PostThreadMessageA
ChangeClipboardChain
SendNotifyMessageA
PeekMessageA
IsWindowVisible
FillRect
GetIconInfo
GetClassNameA
WindowFromPoint
ChangeWindowMessageFilter
EnumDesktopWindows
SetRect
DrawIconEx
DestroyIcon
GetKeyboardState
PtInRect
MessageBeep
FlashWindow
EnumDisplaySettingsExA
EnumDisplayDevicesA
ChangeDisplaySettingsExA
GetKeyState
keybd_event
EnumDisplaySettingsA
GetWindowRect
LoadStringA
ScreenToClient
EndDialog
GetScrollInfo
DialogBoxParamA
GetDlgItemTextA
SetWindowTextA
MoveWindow
SetFocus
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItem
GetCursorPos
ExitWindowsEx
LoadMenuA
EnumWindows
RedrawWindow
SetDlgItemInt
CheckDlgButton
GetDlgItemInt
IntersectRect
LockWorkStation
DrawIcon
SetLayeredWindowAttributes
IsDlgButtonChecked
mouse_event
UpdateWindow
InvalidateRect
GetMessageA
LoadImageA
DispatchMessageA
LoadCursorA
DestroyWindow
SetWindowPos
ShowWindow
SetTimer
DrawTextA
SetWindowLongA
GetWindowLongA
SetWindowDisplayAffinity
AdjustWindowRect
DefWindowProcA
IsRectEmpty
CreateWindowExA
TranslateMessage
LoadIconA
GetClientRect
KillTimer
PostQuitMessage
RegisterClassExA
BeginPaint
EndPaint
wsprintfA
SystemParametersInfoA
GetWindowThreadProcessId
GetUserObjectInformationA
PostMessageA
RegisterWindowMessageA
FindWindowExA
OpenDesktopA
MessageBoxA
GetProcessWindowStation
FindWindowA
GetSystemMetrics
SendMessageA
SetThreadDesktop
GetThreadDesktop
CloseDesktop
GetForegroundWindow
OpenInputDesktop
GetDesktopWindow
GetDC
ReleaseDC
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetTopWindow
OemToCharA
CharToOemA
wvsprintfA
SetForegroundWindow
gdi32
GetBitmapBits
SetDIBColorTable
GdiFlush
RealizePalette
CreatePalette
SetBkColor
CreateFontIndirectA
GetObjectA
ExtEscape
GetSystemPaletteEntries
SetRectRgn
OffsetRgn
CreateRectRgn
GetRegionData
PtInRegion
CombineRgn
GetRgnBox
CreateFontA
PatBlt
StretchBlt
GetStockObject
GetClipBox
SetTextColor
SetBkMode
CreatePen
Rectangle
CreateSolidBrush
CreateDCA
BitBlt
DeleteObject
DeleteDC
GetPixel
GetDeviceCaps
GetDIBits
CreateCompatibleDC
CreateDIBSection
SelectObject
SelectPalette
CreateCompatibleBitmap
advapi32
GetSecurityDescriptorLength
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
IsValidSid
IsValidSecurityDescriptor
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidAcl
SetSecurityInfo
RegCreateKeyA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetSecurityDescriptorSacl
InitializeSecurityDescriptor
CreateServiceA
AdjustTokenPrivileges
StartServiceCtrlDispatcherA
QueryServiceStatus
RegDeleteKeyA
SetTokenInformation
LookupPrivilegeValueA
SetServiceStatus
RegisterServiceCtrlHandlerA
DeleteService
DuplicateTokenEx
ImpersonateLoggedOnUser
EqualSid
AllocateAndInitializeSid
FreeSid
OpenProcessToken
RevertToSelf
CloseServiceHandle
OpenSCManagerA
GetUserNameA
LookupAccountSidA
OpenServiceA
GetTokenInformation
CreateProcessAsUserA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
shell32
ShellExecuteA
SHGetMalloc
Shell_NotifyIconW
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHFileOperationA
ShellExecuteExA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
shlwapi
PathStripPathA
imm32
ImmGetDefaultIMEWnd
dwmapi
ord102
DwmIsCompositionEnabled
iphlpapi
GetAdaptersInfo
Exports
Exports
adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine_gen
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
inflate
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 399KB - Virtual size: 399KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 496KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 801KB - Virtual size: 800KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
steamoverlay32.dll.dll windows:6 windows x86 arch:x86
841b8ed6700a72a4233e8a7de43590d0
Code Sign
d5:4f:27:86:74:e8:2f:65:b0:ba:31:5a:3c:bc:24:7a:3d:f1:a5Certificate
IssuerCN=Ascertia Public CA 1,O=Ascertia,C=GBNot Before16/09/2019, 13:49Not After16/10/2019, 13:49SubjectCN=OnlineFix,OU=OnlineFix,O=OnlineFix,L=OnlineFix,ST=OnlineFix,C=UK,1.2.840.113549.1.9.1=#0c146f6e6c696e65666978406f6e6c696e652e666978Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
e6Certificate
IssuerCN=Ascertia Root CA 2,O=Ascertia,C=GBNot Before21/04/2009, 12:15Not After14/04/2028, 23:59SubjectCN=Ascertia Public CA 1,O=Ascertia,C=GBKey Usages
KeyUsageCertSign
KeyUsageCRLSign
09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before04/01/2017, 00:00Not After18/01/2028, 00:00SubjectCN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
e2:03:8d:15:b9:d9:4b:bd:e4:c4:74:4f:c4:80:a0:74:fd:8f:67:e2:6a:ad:41:ec:55:b5:95:eb:da:e6:bd:d4Signer
Actual PE Digeste2:03:8d:15:b9:d9:4b:bd:e4:c4:74:4f:c4:80:a0:74:fd:8f:67:e2:6a:ad:41:ec:55:b5:95:eb:da:e6:bd:d4Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WriteConsoleW
LoadLibraryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
LCMapStringW
GetProcessHeap
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle
DecodePointer
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
Exports
Exports
OnlineFix
Sections
.text Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 656B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
winmm.dll.dll windows:6 windows x86 arch:x86
16494db0c3cebdaaf0d0b4580008cddb
Code Sign
d5:4f:27:86:74:e8:2f:65:b0:ba:31:5a:3c:bc:24:7a:3d:f1:a5Certificate
IssuerCN=Ascertia Public CA 1,O=Ascertia,C=GBNot Before16/09/2019, 13:49Not After16/10/2019, 13:49SubjectCN=OnlineFix,OU=OnlineFix,O=OnlineFix,L=OnlineFix,ST=OnlineFix,C=UK,1.2.840.113549.1.9.1=#0c146f6e6c696e65666978406f6e6c696e652e666978Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
e6Certificate
IssuerCN=Ascertia Root CA 2,O=Ascertia,C=GBNot Before21/04/2009, 12:15Not After14/04/2028, 23:59SubjectCN=Ascertia Public CA 1,O=Ascertia,C=GBKey Usages
KeyUsageCertSign
KeyUsageCRLSign
09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before04/01/2017, 00:00Not After18/01/2028, 00:00SubjectCN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:a6:d1:27:9d:e5:d6:0e:15:a0:15:15:31:7a:7b:70:51:47:9e:32:37:45:e4:92:27:38:04:dc:90:76:5d:81Signer
Actual PE Digest61:a6:d1:27:9d:e5:d6:0e:15:a0:15:15:31:7a:7b:70:51:47:9e:32:37:45:e4:92:27:38:04:dc:90:76:5d:81Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleFileNameA
GetCurrentProcess
LoadLibraryA
GetWindowsDirectoryA
GetProcAddress
IsWow64Process
SetEndOfFile
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetFileSizeEx
SetFilePointerEx
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapFree
CloseHandle
HeapAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
CreateFileW
HeapSize
WriteConsoleW
Exports
Exports
CloseDriver
DefDriverProc
DriverCallback
DrvGetModuleHandle
GetDriverModuleHandle
NotifyCallbackData
OpenDriver
PlaySound
PlaySoundA
PlaySoundW
SendDriverMessage
WOW32DriverCallback
WOW32ResolveMultiMediaHandle
WOWAppExit
aux32Message
auxGetDevCapsA
auxGetDevCapsW
auxGetNumDevs
auxGetVolume
auxOutMessage
auxSetVolume
joy32Message
joyConfigChanged
joyGetDevCapsA
joyGetDevCapsW
joyGetNumDevs
joyGetPos
joyGetPosEx
joyGetThreshold
joyReleaseCapture
joySetCapture
joySetThreshold
mci32Message
mciDriverNotify
mciDriverYield
mciExecute
mciFreeCommandResource
mciGetCreatorTask
mciGetDeviceIDA
mciGetDeviceIDFromElementIDA
mciGetDeviceIDFromElementIDW
mciGetDeviceIDW
mciGetDriverData
mciGetErrorStringA
mciGetErrorStringW
mciGetYieldProc
mciLoadCommandResource
mciSendCommandA
mciSendCommandW
mciSendStringA
mciSendStringW
mciSetDriverData
mciSetYieldProc
mid32Message
midiConnect
midiDisconnect
midiInAddBuffer
midiInClose
midiInGetDevCapsA
midiInGetDevCapsW
midiInGetErrorTextA
midiInGetErrorTextW
midiInGetID
midiInGetNumDevs
midiInMessage
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInStop
midiInUnprepareHeader
midiOutCacheDrumPatches
midiOutCachePatches
midiOutClose
midiOutGetDevCapsA
midiOutGetDevCapsW
midiOutGetErrorTextA
midiOutGetErrorTextW
midiOutGetID
midiOutGetNumDevs
midiOutGetVolume
midiOutLongMsg
midiOutMessage
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutSetVolume
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
midiStreamOpen
midiStreamOut
midiStreamPause
midiStreamPosition
midiStreamProperty
midiStreamRestart
midiStreamStop
mixerClose
mixerGetControlDetailsA
mixerGetControlDetailsW
mixerGetDevCapsA
mixerGetDevCapsW
mixerGetID
mixerGetLineControlsA
mixerGetLineControlsW
mixerGetLineInfoA
mixerGetLineInfoW
mixerGetNumDevs
mixerMessage
mixerOpen
mixerSetControlDetails
mmDrvInstall
mmGetCurrentTask
mmTaskBlock
mmTaskCreate
mmTaskSignal
mmTaskYield
mmioAdvance
mmioAscend
mmioClose
mmioCreateChunk
mmioDescend
mmioFlush
mmioGetInfo
mmioInstallIOProcA
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRead
mmioRenameA
mmioRenameW
mmioSeek
mmioSendMessage
mmioSetBuffer
mmioSetInfo
mmioStringToFOURCCA
mmioStringToFOURCCW
mmioWrite
mmsystemGetVersion
mod32Message
mxd32Message
sndPlaySoundA
sndPlaySoundW
tid32Message
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
timeGetSystemTime
timeGetTime
timeKillEvent
timeSetEvent
waveInAddBuffer
waveInClose
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
waveInGetErrorTextW
waveInGetID
waveInGetNumDevs
waveInGetPosition
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInStop
waveInUnprepareHeader
waveOutBreakLoop
waveOutClose
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutGetErrorTextA
waveOutGetErrorTextW
waveOutGetID
waveOutGetNumDevs
waveOutGetPitch
waveOutGetPlaybackRate
waveOutGetPosition
waveOutGetVolume
waveOutMessage
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutSetPitch
waveOutSetPlaybackRate
waveOutSetVolume
waveOutUnprepareHeader
waveOutWrite
wid32Message
wod32Message
Sections
.text Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 640B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ