Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.exe
Resource
win10v2004-en-20220112
General
-
Target
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996
-
Size
1.1MB
-
MD5
1cb79dd340381e83c85a178c8a921b36
-
SHA1
3e8be81d4217a38a325058666395dcb32b122474
-
SHA256
6087cbea917f0062401149be475a2d9440d00ce2a962d3be3b16f26264729233
-
SHA512
f0425436b7df637bb9b886ea6759c3b225f1368a10dbdc890b3fc6ee5b3e5472f0d7da56bcf037d709c5d1ccbfdf516a18bde975f3f9165e278c89b5ac3a3766
Malware Config
Signatures
Files
-
SecuriteInfo.com.Trojan.PWS.Steam.26450.29302.9996.exe windows x86
fd40d85e7c142a7a1d470755ef3b49a0
Code Sign
19:52:de:fc:fd:93:8c:a6:48:0a:e1:c8:a1:b9:3f:b4
Certificate
Issuer: CN=S-Data Swordfish ASWORDFISH-530I-Y 250
Not Before: 28-02-2022 22:10
Not After: 01-03-2032 22:10
Subject: CN=S-Data Swordfish ASWORDFISH-530I-Y 250
8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate
Issuer: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Not Before: 23-10-2020 00:00
Not After: 22-01-2032 23:59
Subject: CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate
Issuer: CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US
Not Before: 02-05-2019 00:00
Not After: 18-01-2038 23:59
Subject: CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
bd:e3:87:ea:45:66:63:fd:be:35:5f:28:0e:a6:03:9b:2c:83:7b:ed:95:c6:59:30:4c:8e:cf:0c:c1:05:60:87
Signer
Actual PE Digest: bd:e3:87:ea:45:66:63:fd:be:35:5f:28:0e:a6:03:9b:2c:83:7b:ed:95:c6:59:30:4c:8e:cf:0c:c1:05:60:87
Digest Algorithm: sha256
PE Digest Matches: true
Signature Validations
Trusted: false
Verification
Signing Certificate: CN=S-Data Swordfish ASWORDFISH-530I-Y 250
07-03-2022 09:50 Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
user32
GetDlgItem
advapi32
RegOpenKeyExW
comctl32
InitCommonControls
mscoree
_CorExeMain
shell32
SHGetIconOverlayIndexA
Sections
.didata Size: - Virtual size: 112KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.shared Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 807KB - Virtual size: 832KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.edata Size: 293KB - Virtual size: 300KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE