Resubmissions

17-11-2024 19:15

241117-xyamaawhjn 8

17-11-2024 19:03

241117-xqtp7awfpq 3

15-11-2024 07:15

241115-h3byks1bka 8

General

  • Target

    SteamtoolsSetup.exe

  • Size

    978KB

  • Sample

    241117-xyamaawhjn

  • MD5

    bbf15e65d4e3c3580fc54adf1be95201

  • SHA1

    79091be8f7f7a6e66669b6a38e494cf7a62b5117

  • SHA256

    c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304

  • SHA512

    9bb261b4ed84af846e07ffb6352960687e59428fd497faa0a37d70b57a1a7430d48ac350fbb0c3f0f11e4231a98ebca4d6923deba0949fdd7a247a3c02737355

  • SSDEEP

    24576:4Fa9OUi2VoN2gZ1M8UQag3BXrYZt+GgGTfG74T+TRcL:Z9OUiTN2gZ1MExEZkkf+4TARg

Targets

    • Target

      SteamtoolsSetup.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand STEAM.
