Overview

overview

9

Static

static

3

SteamSetup.exe

windows7-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

Steam.exe

windows7-x64

9

bin/SteamService.exe

windows7-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    SteamSetup.exe

  • Size

    1.1MB

  • MD5

    c6bce0532378620674e053ecf9b8f319

  • SHA1

    7a53591181da342f08aafbf307d07aba688ada43

  • SHA256

    bd7f885f48c066cdef799aa4a4e271eae3ff5cbe21d092aa1cfa921ea0a4534c

  • SHA512

    2ae02491ce86200d53bf8f51cec618408ad4378691ec9bb93b605183532bddb4ff231f9c177b434e638df967cd48ea1a77f3ce77b93e8da6447b895415398ecb

  • SSDEEP

    12288:8EgYKwIPOWGaVNOTPZczrSpaRbCRPy8GumbRb8q6ZNohP+Pmm5aYvtPZDVb/mCSY:8fvw2hVWPCOpiCt8b98rvPrdDXEhzg3n

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • SteamSetup.exe
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/StdUtils.dll
    .dll windows:5 windows x86 arch:x86

    6e63471b3d7c59cf9b8572bf93e2cf35


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:5 windows x86 arch:x86

    8700d0ebbb41c81ea52718af1ab70a93


    Headers

    Imports

    Exports

    Sections

  • Steam.exe
    .exe windows:5 windows x86 arch:x86

    b3b4c245f825100b5f35f5261e1fbd10


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/SteamService.exe
    .exe windows:5 windows x86 arch:x86

    b9543d7ba421c0959192e23cbc30b756


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • public/steambootstrapper_brazilian.txt
  • public/steambootstrapper_czech.txt
  • public/steambootstrapper_danish.txt
  • public/steambootstrapper_dutch.txt
  • public/steambootstrapper_english.txt
  • public/steambootstrapper_finnish.txt
  • public/steambootstrapper_french.txt
  • public/steambootstrapper_german.txt
  • public/steambootstrapper_greek.txt
  • public/steambootstrapper_hungarian.txt
  • public/steambootstrapper_italian.txt
  • public/steambootstrapper_japanese.txt
  • public/steambootstrapper_korean.txt
  • public/steambootstrapper_koreana.txt
  • public/steambootstrapper_norwegian.txt
  • public/steambootstrapper_polish.txt
  • public/steambootstrapper_portuguese.txt
  • public/steambootstrapper_romanian.txt
  • public/steambootstrapper_russian.txt
  • public/steambootstrapper_schinese.txt
  • public/steambootstrapper_spanish.txt
  • public/steambootstrapper_swedish.txt
  • public/steambootstrapper_tchinese.txt
  • public/steambootstrapper_thai.txt
  • public/steambootstrapper_turkish.txt
  • uninstall.exe.nsis