Overview

overview

6

Static

static

3

SteamSetup.exe

windows10-1703-x64

6

$PLUGINSDI...er.bmp

windows10-1703-x64

4

$PLUGINSDI...rd.bmp

windows10-1703-x64

4

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...ch.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...ek.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...na.txt

windows10-1703-x64

1

public/ste...am.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...se.txt

windows10-1703-x64

1

public/ste...ai.txt

windows10-1703-x64

1

public/ste...sh.txt

windows10-1703-x64

1

public/ste...an.txt

windows10-1703-x64

1

uninstall.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    15s
  • max time network
    20s
  • platform
    windows10-1703_x64
  • resource
    win10-20231215-en
  • resource tags

    arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11/02/2024, 12:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    public/steambootstrapper_swedish.txt

  • Size

    4KB

  • MD5

    b2248784049e1af0c690be2af13a4ef3

  • SHA1

    aec7461fa46b7f6d00ff308aa9d19c39b934c595

  • SHA256

    4bf6b25bf5b18e13b04db6ed2e5ed635eb844fc52baa892f530194d9471f5690

  • SHA512

    f5cee6bba20a4d05473971f7f87a36990e88a44b2855c7655b77f48f223219978d91bcd02d320c7e6c2ec368234e1d0201be85b5626ef4909e047e416e1a066c

  • SSDEEP

    96:cnvF+VYBVZcdOMuRZvODz1Q4EqvL8FdGPbII8ncswBIIZswpOo8V8pVKw:CvsVsV6dOJrc1qGSdGPsI3+Idp38V8vl

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\public\steambootstrapper_swedish.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2356

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads