SecuriteInfo[.]com[.]Trojan[.]PWS[.]Steam[.]27776[.]32122[.]30617

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.30617
Size

939KB
MD5

c7b2f2bf03dc91ffb2b9beab50aa5835
SHA1

23c70b6de6c3a2958d1b0dc25b691106f215ac0f
SHA256

e5bf5fad9a4c4d6351fc00763305c35419b1bbf9aef689973112fccdd289292f
SHA512

dedc8b90306de0c0b1bfddd2f3a7a31a3c096e036a24e14794aa63dc8a40af8455110cc260ebb4651ee02c336eb9e04e99afd969e70341e2f3a770d744d86875
SSDEEP

24576:64daLrqg2i1505lkPqVPc+NuSnhSKBltOR:64cPq/iPa5V2EAKG

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Trojan.PWS.Steam.27776.32122.30617
.exe windows x86

76b0ff22bd1741de688ce65231800a79

Code Sign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:f9:7d:05:4a:9b:fc:bf:9d:5e:12:f8:d0:ab:be:07
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

08-12-2020 14:34

Not After

08-12-2023 14:34

Subject

SERIALNUMBER=31 333 532,CN=ESET\, spol. s r.o.,O=ESET\, spol. s r.o.,L=Bratislava,C=SK,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302534b

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:42:00:ba:5e:23:b0:a1:f3:99:00:00:00:00:00:42
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-07-2015 20:55

Not After

07-07-2025 20:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:6a:ba:aa:20:9d:24:5a:43:6a:e6:37:00:8f:67:c4:19:8b:71:db:35:25:25:eb:c8:3e:d5:a2:dd:b2:a6:29
Signer

Actual PE Digest

b2:6a:ba:aa:20:9d:24:5a:43:6a:e6:37:00:8f:67:c4:19:8b:71:db:35:25:25:eb:c8:3e:d5:a2:dd:b2:a6:29

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=31 333 532,CN=ESET\, spol. s r.o.,O=ESET\, spol. s r.o.,L=Bratislava,C=SK,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302534b

15-03-2022 14:46
Valid: true

Chain 1

SERIALNUMBER=31 333 532,CN=ESET\, spol. s r.o.,O=ESET\, spol. s r.o.,L=Bratislava,C=SK,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302534b

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW

user32

PeekMessageA

advapi32

RegQueryValueW

comctl32

ImageList_Create

mscoree

_CorExeMain

shell32

ShellAboutA

Sections

.pdata
Size: - Virtual size: 276KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76b0ff22bd1741de688ce65231800a79

Code Sign

87:82:52:60:00:00:00:00:51:d3:73:d9Certificate

Extended Key Usages

Key Usages

05:f9:7d:05:4a:9b:fc:bf:9d:5e:12:f8:d0:ab:be:07Certificate

Extended Key Usages

Key Usages

33:00:00:00:42:00:ba:5e:23:b0:a1:f3:99:00:00:00:00:00:42Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

b2:6a:ba:aa:20:9d:24:5a:43:6a:e6:37:00:8f:67:c4:19:8b:71:db:35:25:25:eb:c8:3e:d5:a2:dd:b2:a6:29Signer

Signature Validations

Verification

15-03-2022 14:46 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

mscoree

shell32

Sections

.pdata Size: - Virtual size: 276KB

.gfids Size: 512B - Virtual size: 4KB

.rsrc Size: 420KB - Virtual size: 420KB

.bss Size: 94KB - Virtual size: 96KB

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

05:f9:7d:05:4a:9b:fc:bf:9d:5e:12:f8:d0:ab:be:07
Certificate

33:00:00:00:42:00:ba:5e:23:b0:a1:f3:99:00:00:00:00:00:42
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

b2:6a:ba:aa:20:9d:24:5a:43:6a:e6:37:00:8f:67:c4:19:8b:71:db:35:25:25:eb:c8:3e:d5:a2:dd:b2:a6:29
Signer

15-03-2022 14:46
Valid: true

.pdata
Size: - Virtual size: 276KB

.gfids
Size: 512B - Virtual size: 4KB

.rsrc
Size: 420KB - Virtual size: 420KB

.bss
Size: 94KB - Virtual size: 96KB