9426f07008046bcb444fd2a86fda1332_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9426f07008046bcb444fd2a86fda1332_JaffaCakes118
Size

3.0MB
MD5

9426f07008046bcb444fd2a86fda1332
SHA1

cc64604d36c5d9bbf0b0231d83d13fb83b33b08a
SHA256

a5e29ee97f1f60848d871331407630b10a4c86ba8706c010bf17dea123d9e659
SHA512

6aca6d025e40ce7d1585b8359fca3db8b06f04d8d6fab6ff42d8f602d128fdd5683fdcdc73423a7512d10e8a1ffc6b27ab5e220f0e8f4496d9297781a0331482
SSDEEP

98304:w5k07AZn4uxHuF5BLM+vdU61rmNSNY4sUF286p7Flj:B0UJ4uxOF5pMydn6SuUFu7F1

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bin/win32/core.dll
unpack001/bin/win32/demoplayer.dll
unpack001/bin/win32/filesystem_stdio.dll
unpack001/bin/win32/hlds.exe
unpack001/bin/win32/hltv.exe
unpack001/bin/win32/proxy.dll
unpack001/bin/win32/swds.dll
unpack001/bin/win32/valve/dlls/director.dll

Files

9426f07008046bcb444fd2a86fda1332_JaffaCakes118
.zip
bin/linux32/core.so
.elf linux x86
bin/linux32/demoplayer.so
.elf linux x86
bin/linux32/engine_i486.so
.elf linux x86
bin/linux32/filesystem_stdio.so
.elf linux x86
bin/linux32/hlds_linux
.elf linux x86
bin/linux32/hltv
.elf linux x86
bin/linux32/proxy.so
.elf linux x86
bin/linux32/valve/dlls/director.so
.elf linux x86
bin/win32/core.dll
.dll windows:6 windows x86 arch:x86

fdb7aa275c897297de4034a4593e14c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\HLTV\Core\build\binaries\coreSharedLibrary\core.pdb

Imports

ws2_32

gethostbyname
inet_addr
WSAGetLastError
WSACleanup
gethostname
WSAStartup
bind
ioctlsocket
socket
setsockopt
closesocket
shutdown
recvfrom
sendto
ntohs
htons

kernel32

GetModuleHandleExW
EncodePointer
HeapSize
WriteConsoleW
SetFilePointerEx
CreateFileW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
DecodePointer
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
CloseHandle
HeapReAlloc
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW

Exports

Exports

CreateInterface

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/demoplayer.dll
.dll windows:6 windows x86 arch:x86

05ce45bd37be521e8f51b09046cdb01a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\HLTV\DemoPlayer\build\binaries\demoplayerSharedLibrary\demoplayer.pdb

Imports

kernel32

GetModuleFileNameA
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
CloseHandle
HeapReAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CreateFileW
HeapSize
SetFilePointerEx
WriteConsoleW
EncodePointer
DecodePointer

Exports

Exports

CreateInterface

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/filesystem_stdio.dll
.dll windows:6 windows x86 arch:x86

001c37d1663986823ba094bb3948ff9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\filesystem\FileSystem_Stdio\build\binaries\filesystemSharedLibrary\filesystem_stdio.pdb

Imports

kernel32

GetCurrentDirectoryA
OutputDebugStringA
FindFirstFileA
FindNextFileA
FindClose
GetProcAddress
FreeLibrary
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
InterlockedFlushSList
SetLastError
RtlUnwind
ReadFile
CreateFileW
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CreateDirectoryW
GetACP
DeleteFileW
GetStdHandle
HeapReAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
FlushFileBuffers
GetCurrentDirectoryW
GetFullPathNameW
CompareStringW
LCMapStringW
SetStdHandle
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
GetStringTypeW
GetTimeZoneInformation
WriteConsoleW
HeapSize
SetEndOfFile
EncodePointer
DecodePointer

Exports

Exports

CreateInterface

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/hlds.exe
.exe windows:5 windows x86 arch:x86

f902eec89dda77d717112b2d860d4347

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\dedicated\build\binaries\dedicatedExecutable\hlds.pdb

Imports

ws2_32

WSACleanup
WSAStartup

winmm

timeGetTime

user32

DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
PostQuitMessage
ShowWindow
SetWindowPos
wsprintfA
MessageBoxA
PostMessageA
FindWindowA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA
RegQueryValueExA

kernel32

HeapSize
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEndOfFile
WriteConsoleW
EncodePointer
FlushFileBuffers
RaiseException
GetLastError
LoadLibraryW
GetProcAddress
SetLastError
GetModuleFileNameW
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
FreeLibrary
IsDebuggerPresent
GetModuleFileNameA
GetModuleHandleA
GetCurrentDirectoryA
GetConsoleTitleA
GetTickCount
SetConsoleTitleA
Sleep
AllocConsole
GetStdHandle
SetConsoleCtrlHandler
FreeConsole
GetNumberOfConsoleInputEvents
ReadConsoleInputA
MultiByteToWideChar
WideCharToMultiByte
WriteFile
GetConsoleScreenBufferInfo
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
LoadLibraryA
GetLargestConsoleWindowSize
SetConsoleWindowInfo
SetConsoleScreenBufferSize
MapViewOfFile
UnmapViewOfFile
ReadConsoleOutputCharacterA
WriteConsoleInputA
WaitForMultipleObjects
SetEvent
CreateEventA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwind
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetACP
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetFullPathNameW
SetStdHandle
GetFileAttributesExW
HeapReAlloc
GetStringTypeW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW

Exports

Exports

CreateInterface

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/hltv.exe
.exe windows:5 windows x86 arch:x86

9a3b104d7bc676cbd32c478863a02620

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\HLTV\Console\build\binaries\hltvExecutable\hltv.pdb

Imports

user32

ShowWindow
SetWindowPos
FindWindowA
wsprintfA

kernel32

TlsGetValue
DecodePointer
EncodePointer
GetLastError
GetProcAddress
SetLastError
CreateFileW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
FreeLibrary
IsDebuggerPresent
GetModuleFileNameA
GetConsoleTitleA
GetTickCount
SetConsoleTitleA
Sleep
AllocConsole
GetStdHandle
SetConsoleCtrlHandler
FreeConsole
GetNumberOfConsoleInputEvents
ReadConsoleInputA
MultiByteToWideChar
WideCharToMultiByte
WriteFile
GetConsoleScreenBufferInfo
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
QueryPerformanceFrequency
SetPriorityClass
QueryPerformanceCounter
LoadLibraryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
GetSystemTimeAsFileTime
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
RaiseException
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwind
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetTimeZoneInformation
GetFileType
GetStringTypeW
HeapReAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
SetFilePointerEx
WriteConsoleW

Exports

Exports

CreateInterface

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/proxy.dll
.dll windows:6 windows x86 arch:x86

2eec4ef98342df42e190653ec35b84a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\HLTV\Proxy\build\binaries\proxySharedLibrary\proxy.pdb

Imports

steam_api

SteamGameServer_Shutdown
SteamGameServer
SteamGameServer_Init
SteamGameServer_RunCallbacks

ws2_32

htonl
ntohl
ntohs
htons

kernel32

GetModuleHandleExW
EncodePointer
SetEndOfFile
HeapSize
WriteConsoleW
SetFilePointerEx
CreateFileW
GetModuleFileNameA
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
InterlockedFlushSList
SetLastError
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
DecodePointer
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetTimeZoneInformation
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
ReadConsoleW
SetStdHandle
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap

Exports

Exports

CreateInterface

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/swds.dll
.dll windows:6 windows x86 arch:x86

f9020f47b77afb9d9156d923235b7e2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\build\binaries\rehlds_swds_engineSharedLibrary\releaseRehldsFixes\swds.pdb

Imports

steam_api

SteamAPI_UnregisterCallback
SteamAPI_RunCallbacks
SteamGameServer_RunCallbacks
SteamGameServer_Init
SteamApps
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallback
SteamAPI_UseBreakpadCrashHandler
SteamAPI_SetBreakpadAppID
SteamAPI_Init
SteamAPI_Shutdown
SteamGameServer_Shutdown
SteamGameServer

psapi

GetModuleInformation

ws2_32

inet_addr
WSAGetLastError
ioctlsocket
gethostname
gethostbyname
select
bind
sendto
recvfrom
closesocket
socket
ntohs
htons
htonl
ntohl
getsockname

kernel32

GetEnvironmentStringsW
GetCommandLineW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetProcessHeap
MoveFileExW
FlushFileBuffers
WriteConsoleW
SetFilePointerEx
ReadConsoleW
ReadFile
SetEndOfFile
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
DeleteFileW
GetStdHandle
GetACP
GetModuleFileNameA
InitializeCriticalSection
VirtualProtect
Sleep
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
LoadLibraryA
GetLastError
FreeLibrary
VirtualFree
VirtualAlloc
VirtualQuery
GetModuleHandleA
GetVersionExA
DeleteCriticalSection
GlobalMemoryStatus
GlobalAlloc
GlobalFree
GetCommandLineA
GetTickCount
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetProcessTimes
GetSystemTimeAsFileTime
CreateThread
TerminateThread
HeapFree
HeapReAlloc
HeapAlloc
GetConsoleMode
SetEnvironmentVariableA
HeapSize
OutputDebugStringA
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
ExitProcess
GetModuleHandleExW
CreateFileW
GetFileType
WriteFile
GetConsoleCP

user32

MessageBoxA
GetForegroundWindow
wsprintfA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

Exports

Exports

CreateInterface
F
NET_Sleep_Timeout

Sections

.text
Size: 790KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/win32/valve/dlls/director.dll
.dll windows:6 windows x86 arch:x86

05ce45bd37be521e8f51b09046cdb01a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\1ac10ebb5efde38f\rehlds\HLTV\Director\build\binaries\directorSharedLibrary\director.pdb

Imports

kernel32

GetModuleFileNameA
GetProcAddress
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
CloseHandle
HeapReAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CreateFileW
HeapSize
SetFilePointerEx
WriteConsoleW
EncodePointer
DecodePointer

Exports

Exports

CreateInterface

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
flighrec/decoder.bat
.bat .vbs
flighrec/decoder.jar
.jar
hlsdk/common/BaseSystemModule.cpp
hlsdk/common/BaseSystemModule.h
hlsdk/common/IAdminServer.h
hlsdk/common/IBaseSystem.h
hlsdk/common/IDemoPlayer.h
hlsdk/common/IEngineWrapper.h
hlsdk/common/IGameServerData.h
hlsdk/common/IObjectContainer.h
hlsdk/common/ISystemModule.h
hlsdk/common/IVGuiModule.h
hlsdk/common/ObjectDictionary.cpp
hlsdk/common/ObjectDictionary.h
hlsdk/common/ObjectList.cpp
hlsdk/common/ObjectList.h
hlsdk/common/Sequence.h
hlsdk/common/SteamAppStartUp.cpp
hlsdk/common/SteamAppStartUp.h
hlsdk/common/SteamCommon.h
hlsdk/common/TextConsoleUnix.cpp
hlsdk/common/TextConsoleUnix.h
hlsdk/common/TextConsoleWin32.cpp
hlsdk/common/TextConsoleWin32.h
hlsdk/common/TokenLine.cpp
hlsdk/common/TokenLine.h
hlsdk/common/beamdef.h
hlsdk/common/cl_entity.h
hlsdk/common/com_model.h
hlsdk/common/commandline.cpp
hlsdk/common/con_nprint.h
hlsdk/common/const.h
hlsdk/common/crc.h
hlsdk/common/cvardef.h
hlsdk/common/demo_api.h
hlsdk/common/director_cmds.h
hlsdk/common/dlight.h
hlsdk/common/dll_state.h
hlsdk/common/entity_state.h
hlsdk/common/entity_types.h
hlsdk/common/enums.h
hlsdk/common/event_api.h
hlsdk/common/event_args.h
hlsdk/common/event_flags.h
hlsdk/common/hltv.h
hlsdk/common/in_buttons.h
hlsdk/common/ivoicetweak.h
hlsdk/common/kbutton.h
hlsdk/common/mathlib.h
hlsdk/common/md5.h
hlsdk/common/minidump.cpp
hlsdk/common/minidump.h
hlsdk/common/net_api.h
hlsdk/common/netadr.h
hlsdk/common/netapi.cpp
hlsdk/common/netapi.h
hlsdk/common/nowin.h
hlsdk/common/parsemsg.cpp
hlsdk/common/parsemsg.h
hlsdk/common/particledef.h
hlsdk/common/pmtrace.h
hlsdk/common/port.h
hlsdk/common/qfont.h
hlsdk/common/qlimits.h
hlsdk/common/quakedef.h
hlsdk/common/r_efx.h
hlsdk/common/r_studioint.h
hlsdk/common/ref_params.h
hlsdk/common/screenfade.h
hlsdk/common/stdc++compat.cpp
hlsdk/common/studio_event.h
hlsdk/common/textconsole.cpp
hlsdk/common/textconsole.h
hlsdk/common/triangleapi.h
hlsdk/common/usercmd.h
hlsdk/common/vmodes.h
hlsdk/common/weaponinfo.h
hlsdk/common/winsani_in.h
hlsdk/common/winsani_out.h
hlsdk/dlls/activity.h
hlsdk/dlls/activitymap.h
hlsdk/dlls/animation.h
hlsdk/dlls/basemonster.h
hlsdk/dlls/cbase.h
hlsdk/dlls/cdll_dll.h
hlsdk/dlls/client.h
hlsdk/dlls/decals.h
hlsdk/dlls/doors.h
hlsdk/dlls/effects.h
hlsdk/dlls/enginecallback.h
hlsdk/dlls/explode.h
hlsdk/dlls/extdll.h
hlsdk/dlls/func_break.h
hlsdk/dlls/game.h
hlsdk/dlls/gamerules.h
hlsdk/dlls/hornet.h
hlsdk/dlls/items.h
hlsdk/dlls/maprules.h
hlsdk/dlls/monsterevent.h
hlsdk/dlls/monsters.h
hlsdk/dlls/nodes.h
hlsdk/dlls/plane.h
hlsdk/dlls/player.h
hlsdk/dlls/saverestore.h
hlsdk/dlls/schedule.h
hlsdk/dlls/scriptevent.h
hlsdk/dlls/skill.h
hlsdk/dlls/soundent.h
hlsdk/dlls/spectator.h
hlsdk/dlls/talkmonster.h
hlsdk/dlls/teamplay_gamerules.h
hlsdk/dlls/trains.h
hlsdk/dlls/util.h
hlsdk/dlls/vector.h
hlsdk/dlls/weapons.h
hlsdk/engine/FlightRecorder.h
hlsdk/engine/Sequence.h
hlsdk/engine/archtypes.h
hlsdk/engine/bspfile.h
hlsdk/engine/cmd_rehlds.h
hlsdk/engine/common_rehlds.h
hlsdk/engine/crc32c.cpp
hlsdk/engine/crc32c.h
hlsdk/engine/custom.h
hlsdk/engine/customentity.h
hlsdk/engine/d_local.h
hlsdk/engine/edict.h
hlsdk/engine/eiface.h
hlsdk/engine/hookchains.h
hlsdk/engine/keydefs.h
hlsdk/engine/maintypes.h
hlsdk/engine/model.h
hlsdk/engine/modelgen.h
hlsdk/engine/osconfig.h
hlsdk/engine/pr_dlls.h
hlsdk/engine/progdefs.h
hlsdk/engine/progs.h
hlsdk/engine/rehlds_api.h
hlsdk/engine/rehlds_interfaces.h
hlsdk/engine/shake.h
hlsdk/engine/spritegn.h
hlsdk/engine/static_map.h
hlsdk/engine/studio.h
hlsdk/engine/sys_shared.cpp
hlsdk/engine/sys_shared.h
hlsdk/engine/userid_rehlds.h
hlsdk/pm_shared/pm_debug.h
hlsdk/pm_shared/pm_defs.h
hlsdk/pm_shared/pm_info.h
hlsdk/pm_shared/pm_materials.h
hlsdk/pm_shared/pm_movevars.h
hlsdk/pm_shared/pm_shared.h
hlsdk/public/FileSystem.h
hlsdk/public/HLTV/IBSPModel.h
hlsdk/public/HLTV/IClient.h
hlsdk/public/HLTV/IDirector.h
hlsdk/public/HLTV/INetChannel.h
.js
hlsdk/public/HLTV/INetSocket.h
hlsdk/public/HLTV/INetwork.h
hlsdk/public/HLTV/IProxy.h
hlsdk/public/HLTV/IServer.h
hlsdk/public/HLTV/IWorld.h
hlsdk/public/asmlib.h
hlsdk/public/basetypes.h
hlsdk/public/cl_dll/IGameClientExports.h
hlsdk/public/commonmacros.h
hlsdk/public/engine_hlds_api.h
hlsdk/public/engine_launcher_api.h
hlsdk/public/icommandline.h
hlsdk/public/idedicatedexports.h
hlsdk/public/interface.cpp
hlsdk/public/interface.h
hlsdk/public/iregistry.h
hlsdk/public/keydefs.h
hlsdk/public/particleman.h
hlsdk/public/pman_particlemem.h
hlsdk/public/pman_triangleffect.h
hlsdk/public/registry.cpp
hlsdk/public/savegame_version.h
hlsdk/public/steam/isteamapps.h
hlsdk/public/steam/isteambilling.h
hlsdk/public/steam/isteamclient.h
hlsdk/public/steam/isteamcontroller.h
hlsdk/public/steam/isteamfriends.h
hlsdk/public/steam/isteamgameserver.h
hlsdk/public/steam/isteamgameserverstats.h
hlsdk/public/steam/isteamhttp.h
hlsdk/public/steam/isteammatchmaking.h
hlsdk/public/steam/isteamnetworking.h
hlsdk/public/steam/isteamremotestorage.h
hlsdk/public/steam/isteamscreenshots.h
hlsdk/public/steam/isteamunifiedmessages.h
hlsdk/public/steam/isteamuser.h
hlsdk/public/steam/isteamuserstats.h
hlsdk/public/steam/isteamutils.h
hlsdk/public/steam/matchmakingtypes.h
hlsdk/public/steam/steam_api.h
.js
hlsdk/public/steam/steam_gameserver.h
hlsdk/public/steam/steamclientpublic.h
hlsdk/public/steam/steamhttpenums.h
hlsdk/public/steam/steamtypes.h
hlsdk/public/steamid.cpp
hlsdk/public/strtools.h
hlsdk/public/tier0/characterset.cpp
hlsdk/public/tier0/characterset.h
hlsdk/public/tier0/dbg.cpp
hlsdk/public/tier0/dbg.h
hlsdk/public/tier0/platform.h
hlsdk/public/utlbuffer.cpp
hlsdk/public/utlbuffer.h
hlsdk/public/utllinkedlist.h
hlsdk/public/utlmap.h
hlsdk/public/utlmemory.h
hlsdk/public/utlrbtree.h
hlsdk/public/utlsymbol.cpp
hlsdk/public/utlsymbol.h
hlsdk/public/utlvector.h
hlsdk/public/vgui/VGUI.h

Sharing

General

Malware Config

Signatures

Files

fdb7aa275c897297de4034a4593e14c7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 229KB - Virtual size: 228KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 9KB - Virtual size: 34KB

.gfids Size: 512B - Virtual size: 232B

.reloc Size: 11KB - Virtual size: 10KB

05ce45bd37be521e8f51b09046cdb01a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 2KB - Virtual size: 6KB

.gfids Size: 512B - Virtual size: 232B

.reloc Size: 5KB - Virtual size: 5KB

001c37d1663986823ba094bb3948ff9c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 3KB - Virtual size: 6KB

.gfids Size: 512B - Virtual size: 240B

.tls Size: 512B - Virtual size: 9B

.reloc Size: 6KB - Virtual size: 6KB

f902eec89dda77d717112b2d860d4347

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

winmm

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 11KB - Virtual size: 13KB

.gfids Size: 512B - Virtual size: 248B

.rsrc Size: 115KB - Virtual size: 115KB

.reloc Size: 6KB - Virtual size: 6KB

9a3b104d7bc676cbd32c478863a02620

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

.text
Size: 229KB - Virtual size: 228KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 9KB - Virtual size: 34KB

.gfids
Size: 512B - Virtual size: 232B

.reloc
Size: 11KB - Virtual size: 10KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 2KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 232B

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 3KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 240B

.tls
Size: 512B - Virtual size: 9B

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 11KB - Virtual size: 13KB

.gfids
Size: 512B - Virtual size: 248B

.rsrc
Size: 115KB - Virtual size: 115KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 11KB - Virtual size: 52KB

.gfids
Size: 512B - Virtual size: 212B

.rsrc
Size: 119KB - Virtual size: 118KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 258KB - Virtual size: 257KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 8KB - Virtual size: 96KB

.gfids
Size: 512B - Virtual size: 284B

.tls
Size: 512B - Virtual size: 9B

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 790KB - Virtual size: 789KB

.rdata
Size: 173KB - Virtual size: 173KB

.data
Size: 18KB - Virtual size: 6.0MB

.gfids
Size: 1024B - Virtual size: 656B

.tls
Size: 512B - Virtual size: 9B

.reloc
Size: 52KB - Virtual size: 51KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 2KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 232B

.reloc
Size: 5KB - Virtual size: 5KB