Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

3

SteamSetup (1).exe

windows7-x64

4

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

Steam.exe

windows7-x64

1

bin/SteamService.exe

windows7-x64

1

uninstall.exe

windows7-x64

4

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

Analysis

  • max time kernel
    30s
  • max time network
    27s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    13/02/2024, 09:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Steam.exe

  • Size

    4.1MB

  • MD5

    b4411620a3551834e4f699cc5a9b27e6

  • SHA1

    5093960cc86613e310d13770b5adef00fe93f3eb

  • SHA256

    3caf4a246169b2d30c6bf18fa0b7a4a01bbe933cfb781f3da4c6b3cb67b59d04

  • SHA512

    47dde07212c2d5eea548d7794fc6bb9d86ced9a0848aaeab81fa8844fc5cab7eac58e386e96a81c663b914c85c0a7116033e2b2cfd18559d40aa6c83f9a6c024

  • SSDEEP

    98304:dDokH1WPirCS6Ijt91p2GWNzSC34g2FiiIk:ttHSiJXGNNiE/k

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Users\Admin\AppData\Local\Temp\Steam.exe
    "C:\Users\Admin\AppData\Local\Temp\Steam.exe"
    1⤵
    • Checks processor information in registry
    PID:3028

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\package\tmp\graphics\[email protected]_
    Filesize

    15KB

    MD5

    577b7286c7b05cecde9bea0a0d39740e

    SHA1

    144d97afe83738177a2dbe43994f14ec11e44b53

    SHA256

    983aa3928f15f5154266be7063a75e1fce87238bbe81a910219dea01d5376824

    SHA512

    8cd55264a6e973bb6683c6f376672b74a263b48b087240df8296735fd7ae6274ee688fdb16d7febad14288a866ea47e78b114c357a9b03471b1e72df053ebcb0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\package\tmp\graphics\icon_button_news_mousedown.tga_
    Filesize

    20KB

    MD5

    00bf35778a90f9dfa68ce0d1a032d9b5

    SHA1

    de6a3d102de9a186e1585be14b49390dcb9605d6

    SHA256

    cab3a68b64d8bf22c44080f12d7eab5b281102a8761f804224074ab1f6130fe2

    SHA512

    342c9732ef4185dee691c9c8657a56f577f9c90fc43a4330bdc173536750cee1c40af4adac4f47ac5aca6b80ab347ebe2d31d38ea540245b38ab72ee8718a041

    Download Submit