Overview

overview

3

Static

static

3

SteamSetup.exe

windows7-x64

1

SteamSetup.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    16s
  • max time network
    14s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/05/2024, 08:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SteamSetup.exe

  • Size

    1.3MB

  • MD5

    9c0bf4dd3f67e8df56e70c1637260cd0

  • SHA1

    619379804417b26fa60a29e3c72742087b642cc0

  • SHA256

    10e7592459b4d8e5766835540a6f994193d983356355afcdd600d2e69aa141fa

  • SHA512

    0225233f0cbb1b3d8e75e3671a332cae01a7ea5c0a98eeb4c646d50f1d2ee23dad5c659e7edc6eb996794dd3e50f56cc9d8d6fa9c26f3ac52a1f0d3880c491d2

  • SSDEEP

    24576:ZzZVHaDXJCCXJCYX46XJC62sRPbQUv2gVbAdo:zUXbXBXfXB2sRP8Pg

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SteamSetup.exe
    "C:\Users\Admin\AppData\Local\Temp\SteamSetup.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:116
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:1752

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/116-0-0x00007FFF98A53000-0x00007FFF98A55000-memory.dmp

            Filesize

            8KB

            Download

          • memory/116-1-0x000002A41C6C0000-0x000002A41C816000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/116-2-0x000002A436E60000-0x000002A436FAE000-memory.dmp

            Filesize

            1.3MB

            Download

          • memory/116-3-0x000002A41E400000-0x000002A41E414000-memory.dmp

            Filesize

            80KB

            Download

          • memory/116-4-0x00007FFF98A50000-0x00007FFF99511000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/116-5-0x00007FFF98A50000-0x00007FFF99511000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/116-6-0x00007FFF98A50000-0x00007FFF99511000-memory.dmp

            Filesize

            10.8MB

            Download

          • memory/116-7-0x00007FFF98A50000-0x00007FFF99511000-memory.dmp

            Filesize

            10.8MB

            Download