Overview

overview

6

Static

static

3

SteamSetup.exe

windows10-1703-x64

6

$PLUGINSDI...er.bmp

windows10-1703-x64

4

$PLUGINSDI...rd.bmp

windows10-1703-x64

4

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...ek.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...na.txt

windows10-1703-x64

1

public/ste...am.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...ai.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

uninstall.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    71s
  • max time network
    91s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-en
  • resource tags

    arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11/02/2024, 12:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    public/steambootstrapper_norwegian.txt

  • Size

    4KB

  • MD5

    5462f47e56b978659ef56f196db013f4

  • SHA1

    4749824d4e909369f59217d4980963ff17353f3f

  • SHA256

    cbfbe91d4a4661df814ea447c03f4ca872ef3e27073a1eb746faccbfe75afc8a

  • SHA512

    5a437968fc06619cf553ced32dba9c7c948f4364f02c8017986e9a4f09e9832b849c7e0567485ca1beba34a258d29b2612ea3ed6045c81777e9a5201139f81a3

  • SSDEEP

    96:hL+9CbrRtcejaRZYBEpdzudyyACWxmkz6lIb2oZIA+Oo8q80Br+:EQb1+ejarYO7u4mkz6Sb2o2A+38q80Ba

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\public\steambootstrapper_norwegian.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3588

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads