steam_api.dll

The library steam_api.dll has been detected as malware by 60 anti-virus scanners. Additionally, the file is typically installed by a number of programs including How to Survive by R.G. Mechanics, markfiter and Rodina by Elliptic Games.
MD5:
9aa82a42ca757aee45528f89b738843a

SHA-1:
69c39eaecd1636a18d4c837b8e8391dac73e63d3

SHA-256:
766810864104abd574bd1be72ba7302876083c8eb99200652eb5a2b64968b64c

Scanner detections:
60 / 68

Status:
Malware

Analysis date:
5/31/2024 5:53:58 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Kazy.203010 | 1004
Agnitum Outpost | Trojan.VMProtect | 7.1.1
Avira AntiVirus | TR/Black.Gen2 | 7.11.147.184
AVG | Win32/Heur | 2015.0.3482
Baidu Antivirus | Trojan.Win32.VMProtect | 4.0.3.1457
Bitdefender | Gen:Variant.Kazy.203010 | 1.0.20.635
Bkav FE | W32.HfsAutoA | 1.3.0.4959
Emsisoft Anti-Malware | Gen:Variant.Kazy.203010 | 8.14.05.07.01
ESET NOD32 | Win32/Packed.VMProtect.ABD (variant) | 8.9761
Fortinet FortiGate | W32/VMProtBad.A!tr | 5/7/2014
F-Secure | Gen:Variant.Kazy.203010 | 11.2014-07-05_4
G Data | Gen:Variant.Kazy.203010 | 14.5.24
IKARUS anti.virus | Virus.Win32.Heur | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.177.11984
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3905
McAfee | RDN/Generic.dx!dbc | 5600.7138
MicroWorld eScan | Gen:Variant.Kazy.203010 | 15.0.0.381
NANO AntiVirus | Trojan.Win32.Black.cxcdpy | 0.28.0.59608
Norman | Troj_Generic.TPXQH | 11.20140507
Panda Antivirus | Trj/CI.A | 14.05.07.01
Sophos | Mal/VMProtBad-A | 4.98
Trend Micro House Call | TROJ_SPNV.01DR14 | 7.2.127
Trend Micro | TROJ_SPNV.01DR14 | 10.465.07
VIPRE Antivirus | Trojan.Win32.Generic | 28908

File size:
243 KB (248,832 bytes)

File type:
Dynamic link library (Win32 DLL)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\daylight\limagame\binaries\win32\steam_api.dll

File PE Metadata
Compilation timestamp:
4/21/2014 12:12:07 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:FT6D8VHe+y4ORhJKWtVigSpl0JoEydn3QkS:MEBy4ORhJp6LaK5pA

Entry address:
0x5EAAA

Entry point:
E8, B2, 90, 01, 00, 50, F0, 1F, FD, FD, 8E, 57, 92, 67, 74, B4, 76, C2, 00, 50, 76, 40, 65, 43, CE, CD, 3F, 6D, 26, 61, 01, 9C, BF, 00, 99, 12, F7, 17, F5, 36, 35, CA, 8A, 07, 80, DC, 8F, 4C, 9D, 7D, 77, 79, E5, C1, D8, 4E, 46, 51, 24, 8C, D4, 5B, 50, C2, 04, B9, ED, DD, 25, 15, D8, 9F, F6, F7, 84, EF, 21, 2D, 9F, 31, C1, CE, 28, 03, E4, 6B, A4, 46, F6, 7F, 93, EC, 94, 1E, 16, AA, C4, 45, 2B, B4, 43, 00, 81, CA, 38, 48, D2, 7D, 90, C8, EB, 6C, 13, D4, 4C, 0D, 8D, 70, 75, 14, 8A, 85, 45, EB, DB, 5C, 89, C9...
 

Entropy:
7.8977 (probably packed)

Code size:
102 KB (104,448 bytes)

The file steam_api.dll has been discovered within the following programs.

How to Survive by R.G. Mechanics, markfiter
tapochek.net
About 4% of users remove it

Rodina by Elliptic Games
www.elliptic-games.com
About 2% of users remove it
 