General

  • Target

    SteamService86.exe

  • Size

    35.9MB

  • Sample

    240823-bxveeaycpe

  • MD5

    aeb51b0d0659168faaccf18081081754

  • SHA1

    f9bd4a716f809e530b4d87b18964a313e2d52cd6

  • SHA256

    c226421b67f0e5d38a7dec892937409abfea7816bb33e5dc33092cbca230b91d

  • SHA512

    55b0cec721bf515065afbbe29b2d757aeb49e8dbace2d64b8767da9cd363d7a454767798c344d6e7c96a6546e2e473a332fb208c282ce48070b968b75c98a373

  • SSDEEP

    786432:6phzTSiRg2Un6uaLFoBka03KZTPC9XxBRISH+N7+A:ehZ8n6uaLCBkXKBPCHBRISen

Score
8/10

Targets

    • Target

      SteamService86.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
