Overview

overview

4

Static

static

3

SteamSetup (1).exe

windows7-x64

4

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

Steam.exe

windows7-x64

1

bin/SteamService.exe

windows7-x64

1

uninstall.exe

windows7-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SteamSetup (1).exe

  • Size

    2.2MB

  • Sample

    240213-kz3cgafe78

  • MD5

    70f3bc193dfa56b78f3e6e4f800f701f

  • SHA1

    1e5598f2de49fed2e81f3dd8630c7346a2b89487

  • SHA256

    3b616cb0beaacffb53884b5ba0453312d2577db598d2a877a3b251125fb281a1

  • SHA512

    3ffa815fea2fe37c4fde71f70695697d2b21d6d86a53eea31a1bc1256b5777b44ff400954a0cd0653f1179e4b2e63e24e50b70204d2e9a4b8bf3abf8ede040d1

  • SSDEEP

    49152:2DcHcEngZtNm1LQRHH4PTwZX6kg9hsf4lcszpyu7d/TC:rngZtNm1G4Pw6dJzZNTC

Score
4/10

Malware Config

Targets

    • Target

      SteamSetup (1).exe

    • Size

      2.2MB

    • MD5

      70f3bc193dfa56b78f3e6e4f800f701f

    • SHA1

      1e5598f2de49fed2e81f3dd8630c7346a2b89487

    • SHA256

      3b616cb0beaacffb53884b5ba0453312d2577db598d2a877a3b251125fb281a1

    • SHA512

      3ffa815fea2fe37c4fde71f70695697d2b21d6d86a53eea31a1bc1256b5777b44ff400954a0cd0653f1179e4b2e63e24e50b70204d2e9a4b8bf3abf8ede040d1

    • SSDEEP

      49152:2DcHcEngZtNm1LQRHH4PTwZX6kg9hsf4lcszpyu7d/TC:rngZtNm1G4Pw6dJzZNTC

    Score
    4/10
    behavioral1

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      99KB

    • MD5

      98a4efba4e4b566dc3d93d2d9bfcab58

    • SHA1

      8c54ae9fcec30b2beea8b6af4ead0a76d634a536

    • SHA256

      e2ad7736209d62909a356248fce8e554093339b18ef3e6a989a3c278f177ad48

    • SHA512

      2dbc9a71e666ebf782607d3ca108fd47aa6bce1d0ac2a19183cc5187dd342307b64cb88906369784518922a54ac20f408d5a58f77c0ed410e2ccf98e4e9e39a0

    • SSDEEP

      1536:Lyy+HcFWrX52XWcS15c4DBVOw/bEQvWt6uouMw5m0mhdBu4NpBTvO7Fvo6mVS6oN:Oy+8ozImcSNd1YHbMbC

    Score
    3/10
    behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a4dd044bcd94e9b3370ccf095b31f896

    • SHA1

      17c78201323ab2095bc53184aa8267c9187d5173

    • SHA256

      2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc

    • SHA512

      87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a

    • SSDEEP

      192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE

    Score
    3/10
    behavioral3

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      0d45588070cf728359055f776af16ec4

    • SHA1

      c4375ceb2883dee74632e81addbfa4e8b0c6d84a

    • SHA256

      067c77d51df034b4a614f83803140fbf4cd2f8684b88ea8c8acdf163edad085a

    • SHA512

      751ebf4c43f100b41f799d0fbf8db118ea8751df029c1f4c4b0daeb0fef200ddf2e41c1c9c55c2dc94f2c841cf6acb7df355e98a2e5877a7797f0f1d41a7e415

    • SSDEEP

      192:ob8cSzvTyl4tgi8pPjQM0PuAg0YNyhIFtSP:mBSzm+t18pZ0WAg0RhIFg

    Score
    3/10
    behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      c5b9fe538654a5a259cf64c2455c5426

    • SHA1

      db45505fa041af025de53a0580758f3694b9444a

    • SHA256

      7b51372117960e84d6f5eb3a26810cc044ff02283b3d656a0a456b0ab5cb8ea7

    • SHA512

      f0f8a5570c01b16e54f47502e867ffbaf162b44a847c0ffc8062d20e9492114229de5d9d2a836da256fd3f9fb493536bdbf148d5308695b16c0e98d20d8926aa

    • SSDEEP

      96:xr7fhfKaGgchPzxK6bq+pKX6D8ZLidGgmkNL38:xxbGgGPzxeX6D8ZyGgmkN

    Score
    3/10
    behavioral5

    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      f0438a894f3a7e01a4aae8d1b5dd0289

    • SHA1

      b058e3fcfb7b550041da16bf10d8837024c38bf6

    • SHA256

      30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

    • SHA512

      f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

    • SSDEEP

      48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj

    Score
    3/10
    behavioral6

    • Target

      Steam.exe

    • Size

      4.1MB

    • MD5

      b4411620a3551834e4f699cc5a9b27e6

    • SHA1

      5093960cc86613e310d13770b5adef00fe93f3eb

    • SHA256

      3caf4a246169b2d30c6bf18fa0b7a4a01bbe933cfb781f3da4c6b3cb67b59d04

    • SHA512

      47dde07212c2d5eea548d7794fc6bb9d86ced9a0848aaeab81fa8844fc5cab7eac58e386e96a81c663b914c85c0a7116033e2b2cfd18559d40aa6c83f9a6c024

    • SSDEEP

      98304:dDokH1WPirCS6Ijt91p2GWNzSC34g2FiiIk:ttHSiJXGNNiE/k

    Score
    1/10
    behavioral7

    • Target

      bin/SteamService.exe

    • Size

      2.7MB

    • MD5

      2de3f7cf6020b3bb6bc4199459a63016

    • SHA1

      8a30e5e333a353eb069ab961a4c1918fcbb44623

    • SHA256

      f649f4a1d41cd442d5e3f079b1677442a2123eb494bda58ef866870b25915d7e

    • SHA512

      5d1e016c731dd1bfaaf24fde9da4f453f71773a71db956290809eb82064fa0307874cd412be6ad98c4fdbb36e94cd8ae7aa27341aaa1f9f3f9e696afe0cca56e

    • SSDEEP

      49152:EmvpI/M4M2YEOpBGcCxutN8Lf6vMTC4gbZtPW3bwDlmTbCeieU8K9f2ywH:Emv+M2CGZxY8Lf6L4gdw3b6mT7

    Score
    1/10
    behavioral8

    • Target

      uninstall.exe

    • Size

      139KB

    • MD5

      4f009883567dfa9e908c5ffa25a2fa0a

    • SHA1

      5848783144c5a04fd4fff71651e3195444156b03

    • SHA256

      d0b0305b42c35716482a6aa08c8257c19aad225e3ffd9ab1f0de411d8b9e592e

    • SHA512

      015e03849ccb6f646538ebb5a1f75bd973258564a4d2664f51da11e88316e9a3d2863de131f105daf2173a5c494e6c6bcc621c6952144ed4bf4bd2bbdec5ef6d

    • SSDEEP

      3072:cAe+3aJpgWXTBuA/JFONMVRO9qyVK+J5n/79:/B+pgUXJFOSVAqyVK+J5nj9

    Score
    4/10
    behavioral9

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      0c44f21d4afc81cc99fac7cc35e4503a

    • SHA1

      3d0d5c684df99a46510c0e2c0020163a9d11c08d

    • SHA256

      8dc2be6679497994e3ddc97bc7bc1ce2b3c17ef3528b03ded6696ef198a11d10

    • SHA512

      4e4bd35d6aa21cecbfe7a93a2ee7db8ee78ca710a4193dfe240d1067afbe10f61db332c1c85f6cc3ba404d895a959742401b615ef8ff5bd9028254c4a43a0923

    • SSDEEP

      48:S46+/N3TKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mCofjLl:zPuPbOBtWZBV8jAWiAJCdv2CmpL

    Score
    3/10
    behavioral10

    • Target

      $PLUGINSDIR/ShellLink.dll

    • Size

      4KB

    • MD5

      d62d3e349689811f838dd10fb216eba1

    • SHA1

      edcafd517860cb6b4bd299e20b17ad74a6fa2a5d

    • SHA256

      5d103419245e2a5f124a96cace25d6836b2398edc0aa3919829b0fd6ad8b5d6a

    • SHA512

      fc7d5826cb9f85068ea702f007920bf7ae63758d13c48761e83cc9e8ac06b231f40e17a9f3340d60d874ad2cf6e0991eb98a52cf893ab785489e0cdbbf294f88

    • SSDEEP

      96:fQW7e3a0JF5jdrORE6C4tb+X+bzYz3Cl6nfkfLGpRO:4687JQCdiaR

    Score
    3/10
    behavioral11

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      c5b9fe538654a5a259cf64c2455c5426

    • SHA1

      db45505fa041af025de53a0580758f3694b9444a

    • SHA256

      7b51372117960e84d6f5eb3a26810cc044ff02283b3d656a0a456b0ab5cb8ea7

    • SHA512

      f0f8a5570c01b16e54f47502e867ffbaf162b44a847c0ffc8062d20e9492114229de5d9d2a836da256fd3f9fb493536bdbf148d5308695b16c0e98d20d8926aa

    • SSDEEP

      96:xr7fhfKaGgchPzxK6bq+pKX6D8ZLidGgmkNL38:xxbGgGPzxeX6D8ZyGgmkN

    Score
    3/10
    behavioral12

MITRE ATT&CK Enterprise v15

Tasks