Week of Data Dumps, Part 4 – games-related strings

This series got a bit delayed, because I got sick last week.

This is a bit counter-intuitive – why would you want to collect strings related to games?

First, there was a time when malware authors targeted games a lot. Second, if you have a good list of games-related strings, you can quickly classify many samples. If you find these specific strings inside an executable, it’s either part of a game, a crack for the game, malware targeting a game, or some third-party software dealing with games in bulk. Not too many options…

Today there are many resources listing various game names, their executable names, etc., so instead of handing you the answer on a plate, I will list two decent sources I used in the past:

  • GameUXLegacyGDFs.dll – Microsoft library, contains a large database of games inside its resources
  • fingerprint.db – Nvidia’s file listing many games and collections of file names, and other interesting artifacts
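
The triage idea described above, sketched in Python as an added example (not the author's code): extract ASCII and UTF-16LE strings from a sample and report which wordlist entries appear in them. The wordlist entries and sample bytes are constructed placeholders; a real list would be built from sources such as the two named above.

```python
import re

# Constructed placeholder wordlist (hypothetical titles, not real game data).
GAME_STRINGS = [
    "starquest.exe",
    "software\\examplestudio\\starquest",
    "dungeonforge_launcher.exe",
    "savegames\\dungeonforge",
]

MIN_LEN = 5  # shortest run of printable characters treated as a string
ASCII_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)


def extract_strings(data: bytes):
    """Yield printable ASCII and UTF-16LE runs found in raw file bytes."""
    for m in ASCII_RE.finditer(data):
        yield m.group().decode("ascii")
    for m in UTF16_RE.finditer(data):
        yield m.group().decode("utf-16-le")


def game_hits(data: bytes, wordlist=GAME_STRINGS):
    """Return the sorted wordlist entries seen in the sample (case-insensitive)."""
    needles = [w.lower() for w in wordlist]
    hits = set()
    for s in extract_strings(data):
        low = s.lower()
        hits.update(n for n in needles if n in low)
    return sorted(hits)


def is_games_related(data: bytes, min_hits: int = 1) -> bool:
    """A hit only narrows the sample to game, crack, game-targeting malware
    or bulk game tooling; it does not say which of those it is."""
    return len(game_hits(data)) >= min_hits


# Constructed sample bytes: one ASCII path and one UTF-16LE registry path.
SAMPLE = (b"MZ\x90\x00\x01\x02" + b"C:\\Games\\StarQuest.exe\x00"
          + "Software\\ExampleStudio\\StarQuest".encode("utf-16-le")
          + b"\x00\x00\xff\xfe" + b"kernel32.dll\x00")
CLEAN = b"MZ\x90\x00kernel32.dll\x00CreateFileW\x00"

if __name__ == "__main__":
    print(game_hits(SAMPLE), is_games_related(CLEAN))
```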