2f272170298392ec136f550fe822daa6e228d15f7e3df12417622a32ead0c283N

Sharing

Copy URL Twitter E-mail

General

Target

2f272170298392ec136f550fe822daa6e228d15f7e3df12417622a32ead0c283N
Size

273KB
MD5

fc8b62e185986712763e507bd895bb50
SHA1

3b75f61d4e4b11359af106cc1e1102ad2ce1b157
SHA256

2f272170298392ec136f550fe822daa6e228d15f7e3df12417622a32ead0c283
SHA512

7f26eec403b25348f0a5cba9d74e3a97309e80a4c40eb6ee4e164c53d047a7df163b1eeef56ed2448b08e6f4a0ad53c98d5fc3d399921d0c268c24a6d2c56386
SSDEEP

3072:fcDJaAmtAixWKT3buhOTGkAwaR6E+RwpkJBtOg5r1mz6krLl87gtnqh6k9IWe7:fcDEA83xr3HGBRnPzK1W6eFq39Ve7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f272170298392ec136f550fe822daa6e228d15f7e3df12417622a32ead0c283N

Files

2f272170298392ec136f550fe822daa6e228d15f7e3df12417622a32ead0c283N
.exe windows:4 windows x86 arch:x86

1efaf96c48a94a155ad984473a28f87e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\buildslave\steam_rel_client_win32\build\src\steamerrorreporter\Release\steamerrorreporter.pdb

Imports

kernel32

GetCurrentThreadId
GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
Sleep
OutputDebugStringW
GetTickCount
CloseHandle
CreateEventA
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
GetLocaleInfoA
LoadLibraryA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetTimeZoneInformation
QueryPerformanceCounter
GetFileType
UnregisterWait
SetEvent
DuplicateHandle
GetCurrentProcess
GetLastError
ConnectNamedPipe
ResetEvent
GetOverlappedResult
ReadFile
DisconnectNamedPipe
GetCurrentProcessId
DeleteCriticalSection
ReleaseMutex
UnregisterWaitEx
InterlockedDecrement
InitializeCriticalSection
QueueUserWorkItem
InterlockedIncrement
RegisterWaitForSingleObject
WriteFile
CreateNamedPipeW
CreateEventW
CreateMutexW
OpenProcess
ReadProcessMemory
GetSystemTimeAsFileTime
LoadLibraryW
GetProcAddress
FreeLibrary
CreateFileW
GetSystemTime
FlushFileBuffers
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetFileTime
DeleteFileW
SetEndOfFile
SetFilePointer
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
HeapFree
GetVersionExA
GetStartupInfoA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
FindNextFileW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetStdHandle
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount

tier0_s

?Push@CValidator@@QAEXPBDPAX0@Z
?ClaimArrayMemory@CValidator@@QAEXPAX@Z
?Pop@CValidator@@QAEXXZ
??1CThreadMutex@@QAE@XZ
g_dwDllEntryThreadId
??0CThreadMutex@@QAE@XZ
g_pMemAllocSteam
Plat_IsInDebugSession
WriteMiniDump
Plat_ExitProcess
AssertMsgImplementation

vstdlib_s

V_FixDoubleSlashes
Q_snprintf
Q_UnicodeToUTF8
Q_UTF8ToUnicode
Q_strncat
Q_StripTrailingSlash
Q_StripLastDir
Q_FixSlashes
Q_MakeAbsolutePath
Q_strncpy

psapi

EnumProcessModules
GetModuleBaseNameW

wininet

InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetSetOptionW
HttpSendRequestW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1efaf96c48a94a155ad984473a28f87e

Headers

File Characteristics

PDB Paths

Imports

kernel32

tier0_s

vstdlib_s

psapi

wininet

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 84KB - Virtual size: 84KB