Overview

overview

5

Static

static

1

steam_api.dll

windows7-x64

5

steam_api.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    43s
  • max time network
    54s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2023, 22:47 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    steam_api.dll

  • Size

    1.3MB

  • MD5

    e869484d80d8d08b1a31639127c3d344

  • SHA1

    29208a8734f6c713d2ea7c343ff159d35358e356

  • SHA256

    cdc6ac3c1c5e5d54fbfdbb825b7ea5f0a6b0886fc0cee7ff3cc51cef8d064b28

  • SHA512

    79e01f60c18c24d2fb366952b28463a48ec0955220e65f99c30870a2c4fd12a95619f4de665a055cedfe5623c8d083f71ec8861e6b6d2570424a9f088bf45891

  • SSDEEP

    24576:bKpb+Lpmbz9gAXilDGgP9GX0dc4hxU4BVoXoo1DJXLFT4mknD1pVOGXSCbAle:K+AzYDGsC0/9cDXT4t1iCcle

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\steam_api.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:752
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\steam_api.dll,#1
      2⤵
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      PID:1652

Network

    No results found
  • 34.104.35.123:80
    368 B
     320 B
     8
    8
No results found

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1652-55-0x0000000075D01000-0x0000000075D03000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1652-56-0x0000000074EA0000-0x0000000074FF7000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1652-57-0x0000000074EA0000-0x0000000074FF7000-memory.dmp

    Filesize

    1.3MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.