Overview

overview

6

Static

static

1

SteamSetup.exe

windows7-x64

4

SteamSetup.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SteamSetup.exe

  • Size

    2.3MB

  • Sample

    240917-rxexqaxhpd

  • MD5

    1b54b70beef8eb240db31718e8f7eb5d

  • SHA1

    da5995070737ec655824c92622333c489eb6bce4

  • SHA256

    7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

  • SHA512

    fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

  • SSDEEP

    49152:UDP/q9MIX/crfcNVBaXp1m0zyVCMwBHgFzoZhRP8:kC9MI8Hm0GCjgFc3Rk

Score
6/10
discoverypersistence

Malware Config

Targets

    • Target

      SteamSetup.exe

    • Size

      2.3MB

    • MD5

      1b54b70beef8eb240db31718e8f7eb5d

    • SHA1

      da5995070737ec655824c92622333c489eb6bce4

    • SHA256

      7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

    • SHA512

      fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

    • SSDEEP

      49152:UDP/q9MIX/crfcNVBaXp1m0zyVCMwBHgFzoZhRP8:kC9MI8Hm0GCjgFc3Rk

    Score
    6/10
    discoverypersistence

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks