steamclient[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

steamclient.dll
Size

255KB
MD5

2e5c2c249c56a6bd8b374e8d32b2abe7
SHA1

116f109add3102e64ca3ac435b734c695737f6d5
SHA256

6b8411ea4559e739995beab3f8fc26a9c590291a5338a642d7ecb2f38a833950
SHA512

10b5c80c3c666d7c2a9b9f3ee5242cc5defee3008b7c9c687b8835afa3ca0ba00d69662852d0544d845a0d59c9b7a1e7fe595e9883c0288eca71cb854193484d
SSDEEP

6144:c3NY4YUfQVKLb0ZC9RmqdzANCNxAd8CGyCvBG6Vdq:c3VYnVfC9R9EkxkIyeXVdq

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

Files

steamclient.dll
.dll windows:6 windows x86 arch:x86

Code Sign

4d:ad:94:47:b8:84:33:58:b1:fa:06:8c:ff:8f:62:39
Certificate

Issuer

CN=WUS!

Not Before

01/07/2014, 00:00

Not After

01/01/2088, 00:00

Subject

CN=WUS!

a8:d7:95:12:7d:48:ce:27:0a:5c:32:53:8e:cb:fc:71:33:c1:ea:a0
Signer

Actual PE Digest

a8:d7:95:12:7d:48:ce:27:0a:5c:32:53:8e:cb:fc:71:33:c1:ea:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Breakpad_SteamMiniDumpInit
Breakpad_SteamSetAppID
Breakpad_SteamSetSteamID
Breakpad_SteamWriteMiniDumpSetComment
Breakpad_SteamWriteMiniDumpUsingExceptionInfoWithBuildId
CreateInterface
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseThreadLocalMemory
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
VR_GetGenericInterfaceInternal
VR_GetStringForHmdErrorInternal
VR_InitInternal
VR_IsHmdPresentInternal
VR_ShutdownInternal
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write

Sections

WUS0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WUS1
Size: 249KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

4d:ad:94:47:b8:84:33:58:b1:fa:06:8c:ff:8f:62:39Certificate

a8:d7:95:12:7d:48:ce:27:0a:5c:32:53:8e:cb:fc:71:33:c1:ea:a0Signer

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

WUS0 Size: - Virtual size: 464KB

WUS1 Size: 249KB - Virtual size: 252KB

.rsrc Size: 4KB - Virtual size: 8KB

4d:ad:94:47:b8:84:33:58:b1:fa:06:8c:ff:8f:62:39
Certificate

a8:d7:95:12:7d:48:ce:27:0a:5c:32:53:8e:cb:fc:71:33:c1:ea:a0
Signer

WUS0
Size: - Virtual size: 464KB

WUS1
Size: 249KB - Virtual size: 252KB

.rsrc
Size: 4KB - Virtual size: 8KB