Fireworks[.]Mania[.]Crack[.]Only-recompressed[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Fireworks.Mania.Crack.Only-recompressed.zip
Size

1.7MB
MD5

62468ad11c7f693858432d11f56bf1fc
SHA1

cd24e87ff3af5754ac531348d9bae31081aa2dfd
SHA256

44261ba8c3247ada6ba9c882e91c00aa3971789cfa8183c4e96ce9dfe1a93678
SHA512

119cee17f552aa631f499874738cbe70c9ec145aadcd872d56e772650c97c13aaf5015d235cd64d7bcb3a299c9942d89e4a77be7fed2db1902aff456a9a8a5e4
SSDEEP

49152:RwME/HGxccjBGUrUaA0nw0ngI7qTH31tpuK:GME/HGxc2kJaA0nVgI7EtR

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Launcher.exe
unpack001/steamclient64.dll

Files

Fireworks.Mania.Crack.Only-recompressed.zip
.zip
Launcher.exe
.exe windows:5 windows x64 arch:x64

903779526007e11b7ce5986ad4a6fbad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Developments\Games\SmartSteamEmu\x64\Release\SmartSteamLoader_x64.pdb

Imports

kernel32

GetPrivateProfileIntW
GetPrivateProfileStringW
FindFirstFileW
FindClose
GetCommandLineW
GetModuleFileNameW
GetCurrentDirectoryW
GetPrivateProfileSectionNamesW
GetCurrentProcessId
OpenProcess
CreateThread
CreateProcessW
ResumeThread
WaitForSingleObject
GetExitCodeThread
Sleep
MultiByteToWideChar
GetLastError
DecodePointer
EncodePointer
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
WideCharToMultiByte
OpenFileMappingA
CreateSemaphoreW
SetEvent
CreateEventA
MapViewOfFile
CreateFileMappingA
CloseHandle
GetCurrentProcess
UnmapViewOfFile

user32

TranslateMessage
SendMessageW
PostQuitMessage
DestroyWindow
DispatchMessageW
CreateDialogParamW
IsDialogMessageW
GetMessageW
ShowWindow
MoveWindow
GetDesktopWindow
GetWindowRect
MessageBoxW

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegCreateKeyExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExA

shell32

CommandLineToArgvW

msvcp100

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

psapi

GetModuleFileNameExW

wintrust

WinVerifyTrust

msvcr100

_wcsicmp
memset
memcmp
_CxxThrowException
memcpy
__CxxFrameHandler3
??3@YAXPEAX@Z
memmove
??0exception@std@@QEAA@AEBV01@@Z
?what@exception@std@@UEBAPEBDXZ
??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??2@YAPEAX_K@Z
_wputenv
_vswprintf_c_l
tolower
_wtoi
fopen_s
fread
fclose
atoi
sprintf_s
memchr
??_V@YAXPEAX@Z
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_XcptFilter
_exit
_ismbblead
_cexit
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
__crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SmartSteamEmu.ini
local_save.txt
steam_settings/depots.txt
steam_settings/steam_appid.txt
steamclient64.dll
.dll windows:6 windows x64 arch:x64

465704006f9405c59e9d99fad6aafb1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

ws2_32

InetPtonW
WSAConnect
closesocket
WSASetLastError
sendto
ntohl
connect
WSAGetLastError
WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
ioctlsocket
getsockopt
accept
htons
listen
ntohs
recv
recvfrom
send
socket
WSAStartup
getaddrinfo
inet_ntop
freeaddrinfo
inet_pton
WSACleanup
WSAIoctl
__WSAFDIsSet
htonl
bind
select
getsockname
getpeername
setsockopt
WSACreateEvent
WSACloseEvent
gethostname

advapi32

SystemFunction036
CryptDestroyKey
CryptEncrypt
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptImportKey
CryptAcquireContextW
CryptDestroyHash

shell32

SHGetFolderPathW
CommandLineToArgvW

winmm

PlaySoundA

crypt32

CertEnumCertificatesInStore
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryW
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringW
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CertOpenStore

xinput9_1_0

XInputSetState
XInputGetState

user32

WindowFromDC
ClipCursor
GetClipCursor
GetWindowRect
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcA
SetProcessDPIAware
MonitorFromWindow
LoadCursorA
ScreenToClient
CallWindowProcA
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
ReleaseDC
GetDC
GetForegroundWindow
GetKeyState
TrackMouseEvent
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetWindowLongPtrA
SetWindowLongPtrA
ClientToScreen

kernel32

EncodePointer
DecodePointer
LCMapStringEx
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
InitOnceBeginInitialize
RaiseException
RtlPcToFileHeader
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
GetExitCodeThread
SwitchToThread
TryAcquireSRWLockExclusive
InitializeSRWLock
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FormatMessageA
GetFileSizeEx
CreateFileW
VerifyVersionInfoW
GetEnvironmentVariableW
SetEnvironmentVariableW
Sleep
GetCurrentThread
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
SetLastError
GetEnvironmentVariableA
OutputDebugStringA
CloseHandle
GetLastError
WaitForSingleObject
ExitProcess
TerminateProcess
GetExitCodeProcess
ResumeThread
CreateProcessA
CreateProcessW
OpenProcess
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
IsWow64Process
GetCurrentProcess
GetCurrentThreadId
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
DebugBreak
GetFileSize
SetFilePointer
WriteFile
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
FreeLibrary
GetModuleHandleW
LoadLibraryExA
LoadLibraryExW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
CreateEventA
LoadLibraryA
VerSetConditionMask
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryW
GetCurrentDirectoryW
DeleteFileW
GetCommandLineW
GetProcessId
GetTickCount64
GetModuleHandleExW
LocalFree
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FormatMessageW
MoveFileExW
WaitForSingleObjectEx
GetCurrentProcessId
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
SleepEx

gdi32

GetDeviceCaps
DeleteObject
CreateRectRgn

dwmapi

DwmIsCompositionEnabled
DwmGetColorizationColor
DwmEnableBlurBehindWindow

bcrypt

BCryptGenRandom

vcruntime140

__current_exception_context
__uncaught_exception
__AdjustPointer
__std_exception_copy
__current_exception
wcschr
strrchr
__std_type_info_compare
__C_specific_handler
strchr
memchr
__std_terminate
_purecall
__std_exception_destroy
strstr
memset
memmove
memcpy
memcmp
_CxxThrowException
__std_type_info_destroy_list

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_register_onexit_function
_configure_narrow_argv
abort
_seh_filter_dll
_errno
_execute_onexit_table
_crt_atexit
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_cexit
_beginthreadex
strerror_s
terminate
__sys_nerr
__sys_errlist
_initialize_onexit_table

api-ms-win-crt-string-l1-1-0

islower
strncpy_s
wcsncpy
strspn
isprint
strcmp
wcspbrk
__strncnt
tolower
strncmp
strncat
strncpy
toupper
isgraph
isupper
isspace
strpbrk
_strdup
_wcsdup
strcspn
wcsncmp

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
calloc
_callnewh

api-ms-win-crt-filesystem-l1-1-0

_wfullpath
_waccess
_unlink
_wstat64
_fstat64
_wstat64i32
_stat64i32
_wremove
rename
_unlock_file
_lock_file

api-ms-win-crt-stdio-l1-1-0

fflush
_write
_get_stream_buffer_pointers
fputs
_close
_wopen
ferror
fgetc
feof
fgets
fgetpos
fclose
_read
_lseeki64
fputc
_fsopen
_fileno
_wfsopen
__stdio_common_vsprintf_s
_wfopen_s
__stdio_common_vfprintf
fread
ftell
_wfopen
__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vsscanf
fopen
fsetpos
fseek
_fseeki64
fwrite
_getcwd
__stdio_common_vsprintf
setvbuf
ungetc

api-ms-win-crt-convert-l1-1-0

strtof
strtod
strtoll
strtoull
atoi
strtol
strtoul
atoll
atof
wcstombs

api-ms-win-crt-math-l1-1-0

_dsign
_dclass
sqrtf
ceilf
floor
logf
atan2f
powf
pow
log
sinf
fmodf
acosf
cosf
_fdopen

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale
__pctype_func
_unlock_locales
_lock_locales
___lc_codepage_func
___lc_locale_name_func

api-ms-win-crt-time-l1-1-0

_gmtime64
strftime
_localtime64
_time64

api-ms-win-crt-utility-l1-1-0

qsort
rand_s

ole32

CoGetObjectContext
CoGetApartmentType

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 788KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

903779526007e11b7ce5986ad4a6fbad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

msvcp100

psapi

wintrust

msvcr100

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 82KB - Virtual size: 84KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 7KB - Virtual size: 6KB

465704006f9405c59e9d99fad6aafb1c

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

ws2_32

advapi32

shell32

winmm

crypt32

xinput9_1_0

user32

kernel32

gdi32

dwmapi

bcrypt

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

ole32

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 788KB - Virtual size: 788KB

.data Size: 105KB - Virtual size: 160KB

.pdata Size: 90KB - Virtual size: 90KB

.detourc Size: 26KB - Virtual size: 26KB

.detourd Size: 512B - Virtual size: 72B

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 82KB - Virtual size: 84KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 7KB - Virtual size: 6KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 788KB - Virtual size: 788KB

.data
Size: 105KB - Virtual size: 160KB

.pdata
Size: 90KB - Virtual size: 90KB

.detourc
Size: 26KB - Virtual size: 26KB

.detourd
Size: 512B - Virtual size: 72B

.reloc
Size: 21KB - Virtual size: 20KB