e:\p4depots\BHG\Runtime\Crucible\Crucible_PC_Steam_DX9_Ship.pdb
Overview
overview
10Static
static
10Kingdoms.o...er.exe
windows7-x64
3Kingdoms.o...er.exe
windows10-2004-x64
3Kingdoms.o...ng.exe
windows7-x64
3Kingdoms.o...ng.exe
windows10-2004-x64
3Kingdoms.o...nt.dll
windows7-x64
3Kingdoms.o...nt.dll
windows10-2004-x64
3Kingdoms.o...pi.dll
windows7-x64
3Kingdoms.o...pi.dll
windows10-2004-x64
3Behavioral task
behavioral1
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll
Resource
win10v2004-20240802-en
General
-
Target
06131b7cc10dc1eee4d5211d9a03918bc97b111a1cf6401b6189bb1dd5e4f459
-
Size
3.2MB
-
MD5
88d6e99c92a5f3bb1974094cf95ff9eb
-
SHA1
ffc8b870919d7ea097697bf9625d4810dd2bd66d
-
SHA256
06131b7cc10dc1eee4d5211d9a03918bc97b111a1cf6401b6189bb1dd5e4f459
-
SHA512
27326521ec8775acd374c8cae9d83b300543c5d92a6e82e5360bcc32241cdac1aaa15e9775c25ad1b76489cecfb8b7fe1e38d1b83766b4c5694239e9526475df
-
SSDEEP
49152:BhWylc6tjsBZTZooO0S+a1uwgZoSy3vEaLH9rnp3E7Zn48RRh:DBQBZiF7cwgZoSy3XZrp378V
Malware Config
Signatures
-
Detects Strela Stealer payload 1 IoCs
resource yara_rule static1/unpack001/Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe family_strela -
Strela family
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe unpack001/Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe unpack001/Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll unpack001/Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll
Files
-
06131b7cc10dc1eee4d5211d9a03918bc97b111a1cf6401b6189bb1dd5e4f459.rar
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Launcher.exe.exe windows:5 windows x86 arch:x86
45a128cfbaa58daddcce02ea884a4b79
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose
kernel32
GetStringTypeW
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
GetModuleFileNameW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
LoadResource
SizeofResource
LockResource
WaitForSingleObject
CloseHandle
CreateThread
SetThreadPriority
HeapAlloc
HeapCreate
HeapDestroy
Sleep
CreateFileA
ReadFile
FindResourceA
RtlUnwind
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
GetStartupInfoW
GetStdHandle
WriteFile
EncodePointer
DecodePointer
GetCommandLineW
HeapSetInformation
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
user32
GetWindowTextW
wsprintfW
SetWindowTextW
SendMessageW
GetClientRect
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcW
UpdateWindow
ShowWindow
GetSystemMetrics
CreateWindowExW
RegisterClassExW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
MessageBoxW
gdi32
CreateFontW
CreateDIBSection
shell32
ShellExecuteW
Sections
.text Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 199KB - Virtual size: 198KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Reckoning.exe.exe windows:5 windows x86 arch:x86
a55e7cb8d3b23304d6ba5f5e7d5a8a66
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
steam_api
SteamAPI_Init
SteamApps
SteamRemoteStorage
SteamUserStats
SteamUtils
SteamFriends
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamAPI_RestartAppIfNecessary
kernel32
TlsGetValue
TlsFree
TlsAlloc
DebugBreak
GetSystemInfo
VirtualAlloc
InterlockedExchange
Sleep
VirtualFree
InterlockedCompareExchange
VirtualQuery
GetModuleFileNameW
GetExitCodeThread
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
HeapAlloc
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
OutputDebugStringA
TlsSetValue
CreateFileA
CompareStringW
CompareStringA
GetExitCodeProcess
CreatePipe
GetFullPathNameA
InitializeCriticalSectionAndSpinCount
LCMapStringW
LCMapStringA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ReadFile
FlushFileBuffers
SetFilePointer
SetStdHandle
HeapFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
IsDebuggerPresent
TerminateProcess
SetLastError
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetDateFormatA
GetTimeFormatA
DuplicateHandle
CreateProcessA
MoveFileA
GetDriveTypeA
ExitProcess
GetModuleHandleW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteFileA
CreateDirectoryA
GetStartupInfoA
GetCommandLineA
GetSystemTime
lstrlenW
MulDiv
GetCurrentProcessId
CreateToolhelp32Snapshot
GetModuleHandleA
GetModuleFileNameA
Process32Next
Process32First
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
CreateThread
ResumeThread
SetThreadPriority
GetLogicalProcessorInformation
GetVersion
GetLastError
GetProcAddress
LoadLibraryW
FreeLibrary
GetCurrentDirectoryA
GetFileAttributesExA
GetCurrentThreadId
QueryPerformanceFrequency
GlobalMemoryStatusEx
InterlockedExchangeAdd
RaiseException
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
SetEvent
WaitForSingleObject
QueryPerformanceCounter
GetCurrentProcess
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalAlloc
GlobalLock
FindNextFileA
FindClose
GetFileAttributesA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
CloseHandle
FindFirstFileA
ws2_32
WSACreateEvent
setsockopt
sendto
recv
bind
socket
closesocket
gethostbyname
send
listen
accept
WSAAsyncSelect
WSAIoctl
getpeername
WSAGetOverlappedResult
WSAWaitForMultipleEvents
WSAResetEvent
WSARecvFrom
__WSAFDIsSet
select
WSACleanup
ioctlsocket
gethostname
connect
inet_ntoa
WSAStartup
recvfrom
ntohl
inet_addr
htonl
WSAGetLastError
htons
ntohs
getsockname
WSARecv
WSASetEvent
WSACloseEvent
shutdown
iphlpapi
GetAdaptersAddresses
binkw32
_BinkGetFrameBuffersInfo@8
_BinkRegisterFrameBuffers@8
_BinkDoFrameAsync@12
_BinkOpenDirectSound@4
_BinkRequestStopAsyncThread@4
_BinkOpenXAudio2@4
_BinkSetSoundSystem@8
_BinkClose@4
_BinkDoFrameAsyncWait@8
_BinkOpen@8
_BinkSetSoundTrack@8
_BinkSetWillLoop@8
_BinkStartAsyncThread@8
_BinkSetSpeakerVolumes@20
_BinkWaitStopAsyncThread@4
_BinkControlBackgroundIO@8
_BinkSetMemory@8
_BinkWait@4
_BinkGetRealtime@12
_BinkNextFrame@4
_BinkShouldSkip@4
_BinkPause@8
_BinkSetVolume@12
_BinkGetRects@8
fmod_event
?getEventBySystemID@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@IIPAPAVEvent@2@@Z
?setValue@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?keyOff@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N0@Z
?start@Event@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getState@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getParentGroup@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVEventGroup@2@@Z
?setCallback@Event@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_EVENT@@W4FMOD_EVENT_CALLBACKTYPE@@PAX22@Z2@Z
?getParameter@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVEventParameter@2@@Z
?getNumParameters@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?setPropertyByIndex@Event@FMOD@@QAG?AW4FMOD_RESULT@@HPAX_N@Z
?setVolume@Event@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getNumReverbPresets@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?createReverb@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVEventReverb@2@@Z
?setReverbAmbientProperties@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_REVERB_PROPERTIES@@@Z
?getReverbAmbientProperties@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_REVERB_PROPERTIES@@@Z
?stop@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getInfo@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAPADPAUFMOD_EVENT_INFO@@@Z
?getProperty@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAX_N@Z
?getPropertyByIndex@Event@FMOD@@QAG?AW4FMOD_RESULT@@HPAX_N@Z
?release@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?update@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?load@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAUFMOD_EVENT_LOADINFO@@PAPAVEventProject@2@@Z
?unload@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setPaused@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getCategory@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVEventCategory@2@@Z
?getCategoryByIndex@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAVEventCategory@2@@Z
?getNumCategories@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?setReverbProperties@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_REVERB_PROPERTIES@@@Z
?getReverbPreset@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAUFMOD_REVERB_PROPERTIES@@PAH@Z
?set3DListenerAttributes@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z
_FMOD_EventSystem_Create@4
?getSystemObject@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVSystem@2@@Z
?set3DAttributes@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@00@Z
?getReverbPresetByIndex@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@HPAUFMOD_REVERB_PROPERTIES@@PAPAD@Z
?init@EventSystem@FMOD@@QAG?AW4FMOD_RESULT@@HIPAXI@Z
fmodex
?setOutput@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_OUTPUTTYPE@@@Z
?getDriverInfo@System@FMOD@@QAG?AW4FMOD_RESULT@@HPADHPAUFMOD_GUID@@@Z
?getDriverCaps@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAIPAH1PAW4FMOD_SPEAKERMODE@@@Z
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?remove@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setParameter@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HM@Z
?getParameter@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HPAMPADH@Z
?setHardwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@HHHH@Z
?getSoftwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAW4FMOD_SOUND_FORMAT@@00PAW4FMOD_DSP_RESAMPLER@@0@Z
?getType@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_DSP_TYPE@@@Z
?addDSP@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAVDSP@2@PAPAVDSPConnection@2@@Z
?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z
?setFileSystem@System@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PBDHPAIPAPAX2@ZP6G?AW43@PAX4@ZP6G?AW43@44I14@ZP6G?AW43@4I4@ZP6G?AW43@PAUFMOD_ASYNCREADINFO@@4@Z5H@Z
?setSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKERMODE@@@Z
?setStreamBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getHardwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH00@Z
?getDSPHead@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVDSP@2@@Z
FMOD_Memory_Initialize
FMOD_Memory_GetStats
?getOutput@System@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OUTPUTTYPE@@@Z
?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z
?setLevels@DSPConnection@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKER@@PAMH@Z
?getInput@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@PAPAVDSPConnection@2@@Z
?getOpenState@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OPENSTATE@@PAIPA_N@Z
?getLength@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?getSubSound@Sound@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
d3dx9_30
D3DXSaveSurfaceToFileA
D3DXCreateEffect
D3DXGetShaderConstantTable
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateCubeTexture
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileInMemory
xinput1_1
XInputSetState
XInputEnable
XInputGetState
winmm
timeBeginPeriod
timeGetTime
user32
GetClipCursor
GetClientRect
BeginPaint
GetMonitorInfoA
CreateIconIndirect
IsZoomed
GetWindowPlacement
MonitorFromWindow
ClipCursor
AdjustWindowRectEx
IsWindowVisible
UnregisterHotKey
RegisterHotKey
GetClassLongA
MoveWindow
IsIconic
EndPaint
GetFocus
DestroyCursor
GetForegroundWindow
LoadCursorA
UpdateLayeredWindow
GetWindowRect
RegisterClassExA
GetClassInfoExA
LoadIconA
SendMessageA
GetDlgItem
EndDialog
GetDesktopWindow
SetWindowPos
ShowWindow
CloseWindow
DialogBoxIndirectParamA
ClientToScreen
DestroyWindow
ScreenToClient
PostQuitMessage
GetRawInputData
SetCapture
GetKeyState
SetForegroundWindow
TranslateMessage
SetWindowLongA
UnregisterClassA
GetWindowLongA
CreateWindowExA
PeekMessageA
DefWindowProcA
PostMessageA
RegisterRawInputDevices
DispatchMessageA
ReleaseCapture
FindWindowA
RegisterClassA
GetKeyboardLayout
MapVirtualKeyExA
ToUnicodeEx
LoadImageA
EnumDisplaySettingsA
MessageBoxA
SystemParametersInfoA
GetKeyboardState
SetCursorPos
GetCursorPos
CloseClipboard
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
OpenClipboard
SetClipboardData
GetIconInfo
GetDC
ReleaseDC
SetCursor
GetSystemMetrics
gdi32
CreateCompatibleDC
SelectObject
GetObjectA
GetDIBits
DeleteDC
GetStockObject
GetDeviceCaps
CreateBitmap
DeleteObject
CreateDIBSection
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetFolderPathA
ShellExecuteA
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
oleaut32
SysFreeString
SysAllocString
VariantClear
Sections
.text Size: 7.1MB - Virtual size: 7.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 653KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 409KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/SKIDROW.ini
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/Steamclient.dll.dll windows:5 windows x86 arch:x86
ca8f196ebeb860e61002d7f57f2739e0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetFolderPathA
user32
MessageBoxA
wininet
InternetOpenA
InternetCloseHandle
InternetCrackUrlA
kernel32
GetProcessHeap
SetEndOfFile
CreateFileW
WriteConsoleW
CreateFileA
SetStdHandle
LoadLibraryW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualProtectEx
GetCurrentProcess
WriteProcessMemory
SetLastError
GetModuleHandleA
GetProcAddress
GetTickCount
GetModuleFileNameA
VirtualFree
VirtualProtect
VirtualAlloc
VirtualQuery
CloseHandle
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
Thread32Next
OpenThread
SuspendThread
GetThreadContext
SetThreadContext
ResumeThread
SetEnvironmentVariableA
FindClose
FindNextFileA
FindFirstFileA
GetLastError
GetPrivateProfileStringA
GetEnvironmentVariableA
WritePrivateProfileStringA
GetVolumeInformationA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
EncodePointer
DecodePointer
MultiByteToWideChar
HeapFree
HeapAlloc
CreateDirectoryA
GetSystemTimeAsFileTime
DeleteFileA
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringW
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapCreate
HeapDestroy
HeapSize
ExitProcess
IsProcessorFeaturePresent
ReadFile
SetFilePointer
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoW
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
Exports
Exports
?_Patch@@YAHIPBXI@Z
CreateInterface
SKIDROW
Steam_BConnected
Steam_BGetCallback
Steam_BLoggedOn
Steam_BReleaseSteamPipe
Steam_ConnectToGlobalUser
Steam_CreateGlobalUser
Steam_CreateLocalUser
Steam_CreateSteamPipe
Steam_FreeLastCallback
Steam_GSBLoggedOn
Steam_GSBSecure
Steam_GSGetSteam2GetEncryptionKeyToSendToNewClient
Steam_GSGetSteamID
Steam_GSLogOff
Steam_GSLogOn
Steam_GSRemoveUserConnect
Steam_GSSendSteam2UserConnect
Steam_GSSendSteam3UserConnect
Steam_GSSendUserDisconnect
Steam_GSSendUserStatusResponse
Steam_GSSetServerType
Steam_GSSetSpawnCount
Steam_GSUpdateStatus
Steam_GetAPICallResult
Steam_GetGSHandle
Steam_InitiateGameConnection
Steam_LogOff
Steam_LogOn
Steam_ReleaseUser
Steam_SetLocalIPBinding
Steam_TerminateGameConnection
Sections
.text Size: 245KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.STMSIG Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/SKIDROW/steam_api.dll.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\buildslave\steam_rel_client_win32\build\src\steam_api\Release\steam_api.pdb
Exports
Exports
GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_Init
SteamAPI_InitSafe
SteamAPI_IsSteamRunning
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_SetBreakpadAppID
SteamAPI_SetMiniDumpComment
SteamAPI_SetTryCatchCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_UseBreakpadCrashHandler
SteamAPI_WriteMiniDump
SteamApps
SteamClient
SteamContentServer
SteamContentServerUtils
SteamContentServer_Init
SteamContentServer_RunCallbacks
SteamContentServer_Shutdown
SteamFriends
SteamGameServer
SteamGameServerApps
SteamGameServerNetworking
SteamGameServerStats
SteamGameServerUtils
SteamGameServer_BSecure
SteamGameServer_GetHSteamPipe
SteamGameServer_GetHSteamUser
SteamGameServer_GetIPCCallCount
SteamGameServer_GetSteamID
SteamGameServer_Init
SteamGameServer_InitSafe
SteamGameServer_RunCallbacks
SteamGameServer_Shutdown
SteamHTTP
SteamMasterServerUpdater
SteamMatchmaking
SteamMatchmakingServers
SteamNetworking
SteamRemoteStorage
SteamUser
SteamUserStats
SteamUtils
Steam_GetHSteamUserCurrent
Steam_RegisterInterfaceFuncs
Steam_RunCallbacks
g_pSteamClientGameServer
Sections
.text Size: 76KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Kingdoms.of.Amalur.Reckoning.Crack.Only-SKIDROW/skidrow.nfo