5d8d697707c89466cfe203bde7e242680d020646bd5e49edaabd67fc6a7d6321

Sharing

Copy URL

Twitter E-mail

General

Target

SteamSetup.exe
Size

2.3MB
Sample

240424-hdhd3afe65
MD5

b1f4bc644f535c745341de0303631d9c
SHA1

8d66e30416004cc2e98334a276c181ae1e67be55
SHA256

5d8d697707c89466cfe203bde7e242680d020646bd5e49edaabd67fc6a7d6321
SHA512

e3fc8eed9061dd8c555a26c29436c7c5218c6409096e37d11b34edcab448d5c3e9f7dff5e5c5ab2a0e3ee96da666b3be7f2b3f028fc122f35f74c51518aa0d44
SSDEEP

49152:GDJvIRwCA97eXdXY1/aq95f9zRsBON2VGabSV9MbHv2XR3fHuc7ZEG5:vWC2KX5Y1X95VzvwpWVKrJW

Score

5^/10

link pdf

Malware Config

Targets

- Target
  
  SteamSetup.exe
- Size
  
  2.3MB
- MD5
  
  b1f4bc644f535c745341de0303631d9c
- SHA1
  
  8d66e30416004cc2e98334a276c181ae1e67be55
- SHA256
  
  5d8d697707c89466cfe203bde7e242680d020646bd5e49edaabd67fc6a7d6321
- SHA512
  
  e3fc8eed9061dd8c555a26c29436c7c5218c6409096e37d11b34edcab448d5c3e9f7dff5e5c5ab2a0e3ee96da666b3be7f2b3f028fc122f35f74c51518aa0d44
- SSDEEP
  
  49152:GDJvIRwCA97eXdXY1/aq95f9zRsBON2VGabSV9MbHv2XR3fHuc7ZEG5:vWC2KX5Y1X95VzvwpWVKrJW
Score

4^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  110KB
- MD5
  
  db11ab4828b429a987e7682e495c1810
- SHA1
  
  29c2c2069c4975c90789dc6d3677b4b650196561
- SHA256
  
  c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376
- SHA512
  
  460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88
- SSDEEP
  
  1536:cyy+HcFWrX52XWcS15c4DBVOw/bEQvWt6uouMw5m0mhdBu4NpBTvO7Fvo6mVS6oz:fy+8ozImcSNd1YHbMbCk/S
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  22KB
- MD5
  
  a36fbe922ffac9cd85a845d7a813f391
- SHA1
  
  f656a613a723cc1b449034d73551b4fcdf0dcf1a
- SHA256
  
  fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0
- SHA512
  
  1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b
- SSDEEP
  
  384:V8QIl975eXqlWBrz7YLOlE/NyQH38E9VF6IYinAM+oZ5a1TN:VgPgrfYLO+rMEpYinAMxZG
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  20KB
- MD5
  
  4e5bc4458afa770636f2806ee0a1e999
- SHA1
  
  76dcc64af867526f776ab9225e7f4fe076487765
- SHA256
  
  91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0
- SHA512
  
  b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162
- SSDEEP
  
  384:ABSzm+t18pZ0WAg0RhIFgnGNyQH38E9VF6IYinAM+oZfNRoZk:NupZ/Ag0/T8MEpYinAMxZ7oW
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  17KB
- MD5
  
  2095af18c696968208315d4328a2b7fe
- SHA1
  
  b1b0e70c03724b2941e92c5098cc1fc0f2b51568
- SHA256
  
  3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226
- SHA512
  
  60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5
- SSDEEP
  
  384:PbGgezxEqoyGgmkNFNyQH38E9VF6IYinAM+oZhc3iMy8:T31yGLkbMEpYinAMxZAy8
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  15KB
- MD5
  
  08072dc900ca0626e8c079b2c5bcfcf3
- SHA1
  
  35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37
- SHA256
  
  bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8
- SHA512
  
  8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c
- SSDEEP
  
  192:WUl64IGsjDNyQDbnPvy2sE9jBF6IYiYF8pA5K+oZ7W76OCwy9GUe:5ZsNyQH38E9VF6IYinAM+oZYsBe
Score

3^/10
behavioral11 behavioral12
- Target
  
  Steam.exe
- Size
  
  4.2MB
- MD5
  
  7c2056e7337a5f29d2e5d3c67830745f
- SHA1
  
  d502f5c22895a859056930a5489192873cd04673
- SHA256
  
  3f321dbbc60371a585d60b17e3f67386bf1792b430d20071ca0e3efd9dbae99d
- SHA512
  
  c729dbee4d528d05d2a6d25ea105d8f34bb9087b9151c0b31a59337e444e4bccb1f3e49fce122fb3dd7b65132a15a0c8b5618c853287fecbe5427376200b2495
- SSDEEP
  
  98304:+bgwm93udfvBtp0vrjT/KFdGRv/SrbeJo7P0:utm81pjWzEfbe27P0
Score

5^/10

link pdf
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  bin/SteamService.exe
- Size
  
  2.5MB
- MD5
  
  18dd1c62ef5597389d599f4d671be388
- SHA1
  
  43e0e7e1ad31dc0bfa9b93e50013dc0cf8cdbb66
- SHA256
  
  320b33ae48dbbbfbe4f93cf1509702e6a90880688a0557b2f6ad7f5c47d94c21
- SHA512
  
  a8d8aaf823b665edbb8f7490ae232bb292a8349f77fafbffc9600934abb71a763b52f2d99b9ec73a0e2c5a62a3dc57631bfb19a5e931c4bbd2d3e17ef22f2d98
- SSDEEP
  
  49152:aivjSL8yUKroT8gHuf7GxvVCaWsmISAtf61TdztPTOuUa0mrRZ0PxEb0nE50:aiv5T+GRcdLAtf6LzhOuymM
Score

1^/10
behavioral15 behavioral16
- Target
  
  uninstall.exe
- Size
  
  153KB
- MD5
  
  2465c84f5fb9e6ce8ffe81c60bd13130
- SHA1
  
  b8aac13eadba39dbe637a6f1f91c65bc7b9a7ed1
- SHA256
  
  7993f70d54d955e522e5ddbdf30a7d07404f14f7bd6ee45ecdaf5ad16807a695
- SHA512
  
  f9ab90acd67be2256b26b70430bb2532c12a3f0a68754ee3c6606258646611fb0b789b55de0c18a32281bde9a50bae3fc226f01b561646801e4f5f00f17b17a0
- SSDEEP
  
  3072:WAe+3aJpgWXTBuO/JFONMOTc0DCY91AaC/I2U:9B+pgUJJFOSOTc0DC+1JY8
Score

4^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  16KB
- MD5
  
  46ba3881f8b27f54a8d92d600e61ee7b
- SHA1
  
  15933b6ece85a6d45fd78ae499b445a3bc6d2d05
- SHA256
  
  4fca692a36f0c99e26b5bc7ef9db5269d2c1e21288184953898130fea9b1c4fc
- SHA512
  
  6f64d3cb4634ed51710f578667b92a429aa871a0a141092df3cf7e0134a0b145f802f91126f1ce43ddb4b9d6cc6fb875c9acec22eab0cec86a72dd916e1f9eb3
- SSDEEP
  
  384:kTrZBV86AQINyQH38E9VF6IYinAM+oZtfpMVK:kXZL86A1MEpYinAMxZ5aK
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  15KB
- MD5
  
  130e29fa7dc68393d3ef12fa5fe876b9
- SHA1
  
  54d3b821df8f42e26698f0cf99bca5d2e6aa080e
- SHA256
  
  eae7829a3df5d8d63e16787f7c3d5ae4b82b3b79c2cd7aad9c2532374b6ea522
- SHA512
  
  56dbae0e1918ed50c99a863304544d5d31925c62d4ebfd7244d67f909c353ee4160b081b43832cf33f1048f998431ba14270600de512dc6c853a17dd524df317
- SSDEEP
  
  384:Ld7JQGYNyQH38E9VF6IYinAM+oZiDzQ06:LgVMEpYinAMxZqzB6
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  17KB
- MD5
  
  2095af18c696968208315d4328a2b7fe
- SHA1
  
  b1b0e70c03724b2941e92c5098cc1fc0f2b51568
- SHA256
  
  3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226
- SHA512
  
  60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5
- SSDEEP
  
  384:PbGgezxEqoyGgmkNFNyQH38E9VF6IYinAM+oZhc3iMy8:T31yGLkbMEpYinAMxZAy8
Score

3^/10
behavioral23 behavioral24

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24