General
-
Target
SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.30617
-
Size
939KB
-
Sample
220415-d5by5sbger
-
MD5
c7b2f2bf03dc91ffb2b9beab50aa5835
-
SHA1
23c70b6de6c3a2958d1b0dc25b691106f215ac0f
-
SHA256
e5bf5fad9a4c4d6351fc00763305c35419b1bbf9aef689973112fccdd289292f
-
SHA512
dedc8b90306de0c0b1bfddd2f3a7a31a3c096e036a24e14794aa63dc8a40af8455110cc260ebb4651ee02c336eb9e04e99afd969e70341e2f3a770d744d86875
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.30617
-
Size
939KB
-
MD5
c7b2f2bf03dc91ffb2b9beab50aa5835
-
SHA1
23c70b6de6c3a2958d1b0dc25b691106f215ac0f
-
SHA256
e5bf5fad9a4c4d6351fc00763305c35419b1bbf9aef689973112fccdd289292f
-
SHA512
dedc8b90306de0c0b1bfddd2f3a7a31a3c096e036a24e14794aa63dc8a40af8455110cc260ebb4651ee02c336eb9e04e99afd969e70341e2f3a770d744d86875
-
Meta Stealer Stealer
Meta Stealer steals passwords stored in browsers, written in C++.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine Payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-