General

  • Target

    SteamtoolsSetup.rar

  • Size

    2.6MB

  • Sample

    241118-2gv9wawglb

  • MD5

    24f499424f40848ad65172244300f791

  • SHA1

    049d7b1b2f7c5a90d44579e1e1428d38d8bf48fa

  • SHA256

    265221532f2de22d617c9a489d5dd037dac1feaea7ff59d1f84fe3577e55d5b5

  • SHA512

    19d204642b8f6fbc15f2f0e794c7805e3d3cf30cd0ca78231dc3726e80a16dba41b574ccf196b9cf211d13e64a9e0044462520a1fb2ce3afdce4073696d93cc0

  • SSDEEP

    49152:3O9Wxy50/K+6smZay+rudYRZ8SoitW/NSoLZbLwWB/mq7XyRl6WPNB3LQC7rejGD:eWg+CZadTiSdMVrD7XyTXNBbrqjGFEc

Malware Config

Targets

    • Target

      SteamSetup.exe

    • Size

      2.3MB

    • MD5

      1b54b70beef8eb240db31718e8f7eb5d

    • SHA1

      da5995070737ec655824c92622333c489eb6bce4

    • SHA256

      7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

    • SHA512

      fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

    • SSDEEP

      49152:UDP/q9MIX/crfcNVBaXp1m0zyVCMwBHgFzoZhRP8:kC9MI8Hm0GCjgFc3Rk

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      110KB

    • MD5

      db11ab4828b429a987e7682e495c1810

    • SHA1

      29c2c2069c4975c90789dc6d3677b4b650196561

    • SHA256

      c602c44a4d4088dbf5a659f36ba1c3a9d81f8367577de0cb940c0b8afee5c376

    • SHA512

      460d1ccfc0d7180eae4e6f1a326d175fec78a7d6014447a9a79b6df501fa05cd4bd90f8f7a85b7b6a4610e2fa7059e30ae6e17bc828d370e5750de9b40b9ae88

    • SSDEEP

      1536:cyy+HcFWrX52XWcS15c4DBVOw/bEQvWt6uouMw5m0mhdBu4NpBTvO7Fvo6mVS6oz:fy+8ozImcSNd1YHbMbCk/S

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      22KB

    • MD5

      a36fbe922ffac9cd85a845d7a813f391

    • SHA1

      f656a613a723cc1b449034d73551b4fcdf0dcf1a

    • SHA256

      fa367ae36bfbe7c989c24c7abbb13482fc20bc35e7812dc377aa1c281ee14cc0

    • SHA512

      1d1b95a285536ddc2a89a9b3be4bb5151b1d4c018ea8e521de838498f62e8f29bb7b3b0250df73e327e8e65e2c80b4a2d9a781276bf2a51d10e7099bacb2e50b

    • SSDEEP

      384:V8QIl975eXqlWBrz7YLOlE/NyQH38E9VF6IYinAM+oZ5a1TN:VgPgrfYLO+rMEpYinAMxZG

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      20KB

    • MD5

      4e5bc4458afa770636f2806ee0a1e999

    • SHA1

      76dcc64af867526f776ab9225e7f4fe076487765

    • SHA256

      91a484dc79be64dd11bf5acb62c893e57505fcd8809483aa92b04f10d81f9de0

    • SHA512

      b6f529073a943bddbcb30a57d62216c78fcc9a09424b51ac0824ebfb9cac6cae4211bda26522d6923bd228f244ed8c41656c38284c71867f65d425727dd70162

    • SSDEEP

      384:ABSzm+t18pZ0WAg0RhIFgnGNyQH38E9VF6IYinAM+oZfNRoZk:NupZ/Ag0/T8MEpYinAMxZ7oW

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      17KB

    • MD5

      2095af18c696968208315d4328a2b7fe

    • SHA1

      b1b0e70c03724b2941e92c5098cc1fc0f2b51568

    • SHA256

      3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226

    • SHA512

      60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5

    • SSDEEP

      384:PbGgezxEqoyGgmkNFNyQH38E9VF6IYinAM+oZhc3iMy8:T31yGLkbMEpYinAMxZAy8

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      15KB

    • MD5

      08072dc900ca0626e8c079b2c5bcfcf3

    • SHA1

      35f2bfa0b1b2a65b9475fb91af31f7b02aee4e37

    • SHA256

      bb6ce83ddaad4f530a66a1048fac868dfc3b86f5e7b8e240d84d1633e385aee8

    • SHA512

      8981da7f225eb78c414e9fb3c63af0c4daae4a78b4f3033df11cce43c3a22fdbf3853425fe3024f68c73d57ffb128cba4d0db63eda1402212d1c7e0ac022353c

    • SSDEEP

      192:WUl64IGsjDNyQDbnPvy2sE9jBF6IYiYF8pA5K+oZ7W76OCwy9GUe:5ZsNyQH38E9VF6IYinAM+oZYsBe

    Score
    3/10
    • Target

      Steam.exe

    • Size

      4.2MB

    • MD5

      33bcb1c8975a4063a134a72803e0ca16

    • SHA1

      ed7a4e6e66511bb8b3e32cbfb5557ebcb4082b65

    • SHA256

      12222b0908eb69581985f7e04aa6240e928fb08aa5a3ec36acae3440633c9eb1

    • SHA512

      13f3a7d6215bb4837ea0a1a9c5ba06a985e0c80979c25cfb526a390d71a15d1737c0290a899f4705c2749982c9f6c9007c1751fef1a97b12db529b2f33c97b49

    • SSDEEP

      98304:7JeV/ztZBe91oiImuUiK9N9EGQKF9lSHbr7aw:1S/hwkmg4EpbrOw

    Score
    4/10
    • Target

      bin/SteamService.exe

    • Size

      2.5MB

    • MD5

      ba0ea9249da4ab8f62432617489ae5a6

    • SHA1

      d8873c5dcb6e128c39cf0c423b502821343659a7

    • SHA256

      ce177dc8cf42513ff819c7b8597c7be290f9e98632a34ecd868dc76003421f0d

    • SHA512

      52958d55b03e1ddc69afc2f1a02f7813199e4b3bf114514c438ab4d10d5ca83b865ba6090550951c0a43b666c6728304009572212444a27a3f5184663f4b0b8b

    • SSDEEP

      49152:G+v+Y6iR3Gdcw/9I4AEZvvxYtP6iJ6aFmDJRicyM/wHH1sc:G+v+YbGiwV9AEZvW0iJRma

    Score
    1/10
    • Target

      uninstall.exe

    • Size

      155KB

    • MD5

      32109e2aac377fa07b849f4f4033edc5

    • SHA1

      a7b87a221744fb2e36327be0a34c17b7d734c47f

    • SHA256

      72ffe8859eaa63637f5a62b7c454241db35938f8326f6ccf20352e00f8df2fe5

    • SHA512

      688d9b51060d84c4e2dd0ddbb20d43bbc8bf93a903f26e855f546335bd7a5c9ef5c6f888dff35d379cbb1d782c5e231b33831b7272cde2b40c2d7fc2b85ffc0d

    • SSDEEP

      3072:iIAe+3aJpgWXTBuq/JFONM2cZ6iKowuq12ApG3s/6:izB+pgURJFOS21iQ5i+6

    Score
    4/10
    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      16KB

    • MD5

      46ba3881f8b27f54a8d92d600e61ee7b

    • SHA1

      15933b6ece85a6d45fd78ae499b445a3bc6d2d05

    • SHA256

      4fca692a36f0c99e26b5bc7ef9db5269d2c1e21288184953898130fea9b1c4fc

    • SHA512

      6f64d3cb4634ed51710f578667b92a429aa871a0a141092df3cf7e0134a0b145f802f91126f1ce43ddb4b9d6cc6fb875c9acec22eab0cec86a72dd916e1f9eb3

    • SSDEEP

      384:kTrZBV86AQINyQH38E9VF6IYinAM+oZtfpMVK:kXZL86A1MEpYinAMxZ5aK

    Score
    3/10
    • Target

      $PLUGINSDIR/ShellLink.dll

    • Size

      15KB

    • MD5

      130e29fa7dc68393d3ef12fa5fe876b9

    • SHA1

      54d3b821df8f42e26698f0cf99bca5d2e6aa080e

    • SHA256

      eae7829a3df5d8d63e16787f7c3d5ae4b82b3b79c2cd7aad9c2532374b6ea522

    • SHA512

      56dbae0e1918ed50c99a863304544d5d31925c62d4ebfd7244d67f909c353ee4160b081b43832cf33f1048f998431ba14270600de512dc6c853a17dd524df317

    • SSDEEP

      384:Ld7JQGYNyQH38E9VF6IYinAM+oZiDzQ06:LgVMEpYinAMxZqzB6

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      17KB

    • MD5

      2095af18c696968208315d4328a2b7fe

    • SHA1

      b1b0e70c03724b2941e92c5098cc1fc0f2b51568

    • SHA256

      3e2399ae5ce16dd69f7e2c71d928cf54a1024afced8155f1fd663a3e123d9226

    • SHA512

      60105dfb1cd60b4048bd7b367969f36ed6bd29f92488ba8cfa862e31942fd529cbc58e8b0c738d91d8bef07c5902ce334e36c66eae1bfe104b44a159b5615ae5

    • SSDEEP

      384:PbGgezxEqoyGgmkNFNyQH38E9VF6IYinAM+oZhc3iMy8:T31yGLkbMEpYinAMxZAy8

    Score
    3/10
    • Target

      SteamtoolsSetup.exe

    • Size

      978KB

    • MD5

      bbf15e65d4e3c3580fc54adf1be95201

    • SHA1

      79091be8f7f7a6e66669b6a38e494cf7a62b5117

    • SHA256

      c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304

    • SHA512

      9bb261b4ed84af846e07ffb6352960687e59428fd497faa0a37d70b57a1a7430d48ac350fbb0c3f0f11e4231a98ebca4d6923deba0949fdd7a247a3c02737355

    • SSDEEP

      24576:4Fa9OUi2VoN2gZ1M8UQag3BXrYZt+GgGTfG74T+TRcL:Z9OUiTN2gZ1MExEZkkf+4TARg

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks