Steam[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Steam.exe
Size

33.3MB
MD5

dca77e586f14eb1751cb66bb149a6a10
SHA1

2d358f5aff77ce0d1d61edd28f01e1d26273ba59
SHA256

7a255b6ff7b6e20627c02ee66fe0e6f7a4e8ac1c86af030a5b74626ab05d944e
SHA512

0ea86bedb60a47339f127ea796225e0b59dcf78b32f65a071dc284e801881f5b5bf47582c3b3dac2042f35b0f29f10647462a645bd17f40c7c7f03308ef4f99a
SSDEEP

786432:FqPZ45mXrGg9nuNmyTyuE900dLMd5t26HyAq4LOV9r6skB:APZ8mXrJuRTHEFLKtvA4LOV9Fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Steam.exe

Files

Steam.exe
.exe windows:6 windows x64 arch:x64

Password: pN0mXQdr

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

DotNetRuntimeDebugHeader

Sections

Size: 332KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hydrated
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14.5MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 19KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 497KB - Virtual size: 906KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RB
Size: - Virtual size: 17.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 14.2MB - Virtual size: 14.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: pN0mXQdr

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

Size: 332KB - Virtual size: 789KB

Size: 3.8MB - Virtual size: 11.8MB

hydrated Size: - Virtual size: 4.0MB

Size: 14.5MB - Virtual size: 18.6MB

Size: 19KB - Virtual size: 299KB

Size: 497KB - Virtual size: 906KB

Size: 512B - Virtual size: 500B

Size: 2KB - Virtual size: 4KB

Size: 2KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

RB Size: - Virtual size: 17.8MB

.boot Size: 14.2MB - Virtual size: 14.2MB

.reloc Size: 16B - Virtual size: 4KB

hydrated
Size: - Virtual size: 4.0MB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

RB
Size: - Virtual size: 17.8MB

.boot
Size: 14.2MB - Virtual size: 14.2MB

.reloc
Size: 16B - Virtual size: 4KB