Overview

overview

7

Static

static

3

awd.rar

windows11-21h2-x64

7

awd/SteamS...1).exe

windows11-21h2-x64

6

$PLUGINSDI...er.bmp

windows11-21h2-x64

3

$PLUGINSDI...rd.bmp

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...ch.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...ch.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...ch.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...ek.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...se.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...na.txt

windows11-21h2-x64

3

public/ste...am.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...se.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...an.txt

windows11-21h2-x64

3

public/ste...se.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...sh.txt

windows11-21h2-x64

3

public/ste...se.txt

windows11-21h2-x64

3

uninstall.exe

windows11-21h2-x64

4

awd/Steamt...1).exe

windows11-21h2-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    awd.rar

  • Size

    2.6MB

  • Sample

    241119-zaa91ssgkk

  • MD5

    13fbac14ae846a84411f39ca29e085a5

  • SHA1

    7b18da535912b56e0f8546f0ac63c74da9efff54

  • SHA256

    3f2e89b07e7730999d80b41a44dc29f53aaba7875da5734b8158bfa74f645f3f

  • SHA512

    9391f9abe6cb69e6cf54973e359d0b1c90af1f4c896cbc88339c624500dfce37b8522c8f2cb3a76ddccae4463c5dc14e1c80fdfca47b094b984dd01b78d83e6e

  • SSDEEP

    49152:+ZfyI6jfYdZFSzqDm5qDYho6QADT5zFl5uy55Sl/HgIc9Cg03TGjytsU3YxGWbZO:+Zfe+bSaCqkR5uy7qHgh1eTGgHl

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      awd.rar

    • Size

      2.6MB

    • MD5

      13fbac14ae846a84411f39ca29e085a5

    • SHA1

      7b18da535912b56e0f8546f0ac63c74da9efff54

    • SHA256

      3f2e89b07e7730999d80b41a44dc29f53aaba7875da5734b8158bfa74f645f3f

    • SHA512

      9391f9abe6cb69e6cf54973e359d0b1c90af1f4c896cbc88339c624500dfce37b8522c8f2cb3a76ddccae4463c5dc14e1c80fdfca47b094b984dd01b78d83e6e

    • SSDEEP

      49152:+ZfyI6jfYdZFSzqDm5qDYho6QADT5zFl5uy55Sl/HgIc9Cg03TGjytsU3YxGWbZO:+Zfe+bSaCqkR5uy7qHgh1eTGgHl

    Score
    7/10
    discoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

    • Target

      awd/SteamSetup (1).exe

    • Size

      2.3MB

    • MD5

      1b54b70beef8eb240db31718e8f7eb5d

    • SHA1

      da5995070737ec655824c92622333c489eb6bce4

    • SHA256

      7d3654531c32d941b8cae81c4137fc542172bfa9635f169cb392f245a0a12bcb

    • SHA512

      fda935694d0652dab3f1017faaf95781a300b420739e0f9d46b53ce07d592a4cfa536524989e2fc9f83602d315259817638a89c4e27da709aada5d1360b717eb

    • SSDEEP

      49152:UDP/q9MIX/crfcNVBaXp1m0zyVCMwBHgFzoZhRP8:kC9MI8Hm0GCjgFc3Rk

    Score
    6/10
    discoverypersistence
    behavioral2

    • Target

      $PLUGINSDIR/modern-header.bmp

    • Size

      25KB

    • MD5

      da3486d12bb4c8aec16bd9e0d363d23f

    • SHA1

      863244a4845c9d5dea8dd36e1083f5639e1224e1

    • SHA256

      d93b76d51bd2214fa6e999c1bf70b4aff5165a6542f9b9b2a92b5672601f4624

    • SHA512

      8e40adb65a4ad46f3bc5920d7fd8294397268e754b1eb00d4f7b0883be6468448033d9a46cf3a00fccddb4a7c81e7f984cf5a25731532c1aeface69573dfe59f

    • SSDEEP

      96:iAwofR7VVNRn5/7hY0buGRGGM/o3FYsIR:YWxvN//7a0buGRGGTdm

    Score
    3/10
    behavioral3

    • Target

      $PLUGINSDIR/modern-wizard.bmp

    • Size

      150KB

    • MD5

      3614a4be6b610f1daf6c801574f161fe

    • SHA1

      6edee98c0084a94caa1fe0124b4c19f42b4e7de6

    • SHA256

      16e0edc9f47e6e95a9bcad15adbdc46be774fbcd045dd526fc16fc38fdc8d49b

    • SHA512

      06e0eff28dfd9a428b31147b242f989ce3e92474a3f391ba62ac8d0d05f1a48f4cf82fd27171658acbd667eaffb94cb4e1baf17040dc3b6e8b27f39b843ca281

    • SSDEEP

      48:ZQEM+jeAwtwVUoYxq+HQiNE/7o+f3cbqBtpozK8lHl/GGKOFHNPf33zFYsvwL:ZkWeftwV1enu/7ozCeu8RGGvP/jFYsv

    Score
    3/10
    behavioral4

    • Target

      public/steambootstrapper_brazilian.txt

    • Size

      4KB

    • MD5

      0340d1a0bbdb8f3017d2326f4e351e0a

    • SHA1

      90d078e9f732794db5b0ffeb781a1f2ed2966139

    • SHA256

      0fcd7ae491b467858f2a8745c5ecdd55451399778c2119517ee686d1f264b544

    • SHA512

      9d23e020875ed35825169a6542512ec2ffdb349472a12eb1e59ddc635e57c8fd65fa919873821e35c755aa7d027c9a62d3d0fa617340449d7b2c4cf8dd707e93

    • SSDEEP

      96:3aArpYaRZ8hYzaAD25nDoVIPEPVIPErKOo8D85e:Gar8iRCNDVPXP738D85e

    Score
    3/10
    behavioral5

    • Target

      public/steambootstrapper_bulgarian.txt

    • Size

      6KB

    • MD5

      4c81277a127e3d65fb5065f518ffe9c2

    • SHA1

      253264b9b56e5bac0714d5be6cade09ae74c2a3a

    • SHA256

      76a6bd74194efd819d33802decdfddaae893069d7000e44944dda05022cfa6d9

    • SHA512

      be077b61f3b6d56a1f4d24957deaf18d2dff699bda6569604aac4f1edb57c3cfd0abc5e2a67809f72e31a90b4aed0813536c153886da2099376964c60e56001a

    • SSDEEP

      192:sKVp+typPx7rYLxGnyVqY8WYw6i0KfBKKfg38m8i/:sKVpiqMLxGnyVq/YEWYWg38m8G

    Score
    3/10
    behavioral6

    • Target

      public/steambootstrapper_czech.txt

    • Size

      4KB

    • MD5

      2158881817b9163bf0fd4724d549aed4

    • SHA1

      c500f2e8f47a11129114ee4f19524aee8fecc502

    • SHA256

      650a265dffdc5dc50200bb82d56f416a3a423eecc08c962cfd1ba2d40a1ff3f7

    • SHA512

      f3594aad9d6c50254f690c903f078a5b7a58c33bd418abdad711ebb74cfbdb5564679593e08fb2d4378faaf4160d45e3d276ba1aa8a174ed77a5791bcac46f28

    • SSDEEP

      96:20Az7xzQK8VzRZfVAxzPXRQjpqp/lSPxIjfiI7yOo8S8qQk:/Az9zozrdAZPXR6qOPOvO38S8qQk

    Score
    3/10
    behavioral7

    • Target

      public/steambootstrapper_danish.txt

    • Size

      4KB

    • MD5

      03b664bd98485425c21cdf83bc358703

    • SHA1

      0a31dcfeb1957e0b00b87c2305400d004a9a5bdb

    • SHA256

      fdf7b42b3b027a12e1b79cb10ab9e6e34c668b04eb9e8a907d8611ba46473115

    • SHA512

      4a8cdd4b98432ba9d9b36bc64aab9a2eab31a074d1cbdfab3d35a14216c60752b5580c41bbb70104993420043685d3bd47eb6637b8fcbb3f42f76a15e4be041d

    • SSDEEP

      96:iKSCj4RjGEcH6RZY77p7zrOsLEPnvIBXKvI2BqOo8380Bg3:BJj4jGnH6rY77lrOxPnQoQmq38380By

    Score
    3/10
    behavioral8

    • Target

      public/steambootstrapper_dutch.txt

    • Size

      4KB

    • MD5

      31a29061e51e245f74bb26d103c666ad

    • SHA1

      271e26240db3ba0dcffc10866ccfcfa1c33cf1cc

    • SHA256

      56c8a86fa95eab0d8f34f498e079b5516b96d2a2f1ad9c2a888555e50e47f192

    • SHA512

      f85865c1e9ab45e5586d3dd2b45d15265193e8a3c34b6bb1ac7e415a1ea878cfb044e8e01012e917e4f00bb9e0a422f56253f328df1bac99a145e19433354cf8

    • SSDEEP

      96:TnsaIWCk1TXfSRkAcXJNRZY/r/iza1GUNrzRxbM4x9yJs+Xc1AZqI79qIjiOo8nl:LsaIVATvycZNrY/KQyJs+ZZz79zji38l

    Score
    3/10
    behavioral9

    • Target

      public/steambootstrapper_english.txt

    • Size

      4KB

    • MD5

      da6cd2483ad8a21e8356e63d036df55b

    • SHA1

      0e808a400facec559e6fbab960a7bdfaab4c6b04

    • SHA256

      ebececd3f691ac20e5b73e5c81861a01531203df3cf2baa9e1b6d004733a42a6

    • SHA512

      06145861eb4803c9813a88cd715769a4baa0bab0e87b28f59aa242d4369817789f4c85114e8d0ceb502e080ec3ec03400385924ec7537e7b04f724ba7f17b925

    • SSDEEP

      96:hSlb0IG997a8ICgARZ2pyUBnXPz5dc6LzIIivI/BxkHLs068:8lHmbICgAr2hJc6LkIiQ/DOLsV8

    Score
    3/10
    behavioral10

    • Target

      public/steambootstrapper_finnish.txt

    • Size

      4KB

    • MD5

      9e62fc923c65bfc3f40aaf6ec4fd1010

    • SHA1

      8f76faff18bd64696683c2a7a04d16aac1ef7e61

    • SHA256

      8ff0f3cbdf28102ff037b9cda90590e4b66e1e654b90f9aea2cd5364494d02b7

    • SHA512

      c8ff15373b37e848e6239a82424569e77c82a5fc557d17e7d2ed1d0d2b2f7d026cc1e2bc98cb5ee945c02cfefb82803c23fa6a26f48ff0adcf762f94cd5dd035

    • SSDEEP

      96:OJCZC1RCSwhp1RZY/T4zcVYssvWIN71BIxZvaZIUZvaPOo8K8jbG:JkPwhp1rY/UcV0ALbYi38K8jK

    Score
    3/10
    behavioral11

    • Target

      public/steambootstrapper_french.txt

    • Size

      4KB

    • MD5

      10c429eb58b4274af6b6ef08f376d46c

    • SHA1

      af1e049ddb9f875c609b0f9a38651fc1867b50d3

    • SHA256

      a1f6ba57ee41e009d904905c0ce5e75a59ee6790e08542561303109e1faafa13

    • SHA512

      d8760f61760bffd8671b727d386ae220e7e6e68829a01553cfd5eb60ef8bd1d7c1b25e7b17a6db5bd17ba6712ef44999726764459318e784843c73bc4facaf46

    • SSDEEP

      96:vk3l1CEN8RLcSMWPrfwgXWRZDbUvzBT5H5MEkJJIbcYIbsgqOo83fy8WJv:sVIEug0ETrDsB0EkQbclbsgq38Py8WJv

    Score
    3/10
    behavioral12

    • Target

      public/steambootstrapper_german.txt

    • Size

      4KB

    • MD5

      5c026fd6072a7c5cf31c75818cddedec

    • SHA1

      341aa1df1d034e6f0a7dff88d37c9f11a716cae6

    • SHA256

      0828572e4fa00c186dbf1d9072a6154d65cb499c6a37e338f3305f77a2fee382

    • SHA512

      f9d28714b2a05f8d9025f1692e4d7e8baa6daf6176353f65646a38814a242ef2adededa44419edd69f10cf96ffba506dab7cb6e52111457bf69cffef12174b12

    • SSDEEP

      96:hn6e0CBtWTkRBtWTkcBMBcVRZY13nSYzBPCN0ayRzkxjhoG8IJ8N8S3vIKa3DOoo:h6erBtWwBtWDBMBcVrYF7+3tZcQTD38P

    Score
    3/10
    behavioral13

    • Target

      public/steambootstrapper_greek.txt

    • Size

      6KB

    • MD5

      189ba063d1481528cbd6e0c4afc3abaa

    • SHA1

      40bdd169fcc59928c69eea74fd7e057096b33092

    • SHA256

      c0a7a1df442ac080668762df795c72aa322e9d415c41bd0a4c676a4dc0551695

    • SHA512

      ce59ad9b17bab4de1254e92ce4fe7d8c8242832f62ab382e8f54199a9932cd11b5800cc33895441426373d5210cc74104e0271b721a7e26ed400b716ae4d5903

    • SSDEEP

      192:xjAVmh67hMmrdtSIWdS0ZOfdS0ZQR38a8FN:gp8nOLQR38a8j

    Score
    3/10
    behavioral14

    • Target

      public/steambootstrapper_hungarian.txt

    • Size

      4KB

    • MD5

      18aaaf5ffcdd21b1b34291e812d83063

    • SHA1

      aa9c7ae8d51e947582db493f0fd1d9941880429f

    • SHA256

      1f45bb7bdfa01424f9237eec60eba35dc7f0dc4e8c2e193fe768fe96d3ff76d5

    • SHA512

      4f3e56d1abe26b56d3f805dc85baaca450c0c7bec57ebcf8a6bb6ebb8588307dad130c83bf792bac76694909a14fd6a4d7d1e9b31e32fba11256343b9fc18154

    • SSDEEP

      96:ADKraKKnH5BpRZELDO1cMQzQNW3kjN7MIOjHfvMIOwuOo888OK:W+a5BprELDXMAQNnN1OjHfhOwu3888OK

    Score
    3/10
    behavioral15

    • Target

      public/steambootstrapper_indonesian.txt

    • Size

      4KB

    • MD5

      1514d082b672b372cdfb8dd85c3437f1

    • SHA1

      336a01192edb76ae6501d6974b3b6f0c05ea223a

    • SHA256

      3b3c5c615fd82070cc951ab482d3de8cb12df0b3df59fbd11f9d3271fa2fbca4

    • SHA512

      4d41c945ce7c94746875b0dbceb14811d4966de4e97fe047406a304162fde7e1e2a16367fc2e43978e2e5aa66749f036b4444aa2312673c2cc3af296e8b77f55

    • SSDEEP

      96:avbCWRRc1yRZY+lDz+Xo2drTRw2IoMTb9ISQISXOo8V8El:o+2S1yrYWsEo0uWq38V8El

    Score
    3/10
    behavioral16

    • Target

      public/steambootstrapper_italian.txt

    • Size

      4KB

    • MD5

      8958371646901eac40807eeb2f346382

    • SHA1

      55fb07b48a3e354f7556d7edb75144635a850903

    • SHA256

      b01ec64d75fd1fbd00fbeb45a3fb39244911a8b22bb43de4e0c03f205184f585

    • SHA512

      14c5dbb017822336f22bf6779ccd4a66604ddc5f2c3caa24271e96f739fef007754d96844efa422d6682cbcd2d3bc902c36f0f6acb3eb87ed8d7b3f885973554

    • SSDEEP

      96:5fTYcpLQ4J+4XRZauvgpJ2zyHTNb9eMuIluIVOo83zy8Xa6:xpkA3XrDQHlHV38Dy8Xa6

    Score
    3/10
    behavioral17

    • Target

      public/steambootstrapper_japanese.txt

    • Size

      5KB

    • MD5

      7e1d15fc9ba66a868c5c6cb1c2822f83

    • SHA1

      bfe9a25fdc8721d7b76cecb9527a9ba7823dc3d7

    • SHA256

      fc74e26a8baabbe4851109512d85173b75dbf7293d41eb3b92a1957a773c8265

    • SHA512

      0892be14a858cc860766afb1c996b2c355108a7e50971ea3ec00d15069e919a6eb05a61fa839bea3938492c391e274144c5e248f4c204a602bf36adf27e5b406

    • SSDEEP

      96:wnwSwjaxKPVcljckFEJckFzRZYwCeHalzL9L3XHwrqdJOxoPLD1hKkHzULyqI5d5:ewSwINckeJck5rY5RXwaJdykHRly38TD

    Score
    3/10
    behavioral18

    • Target

      public/steambootstrapper_korean.txt

    • Size

      4KB

    • MD5

      202b825d0ef72096b82db255c4e747fa

    • SHA1

      3a3265e5bbaa1d1b774195a3858f29cea75c9e75

    • SHA256

      3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314

    • SHA512

      e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566

    • SSDEEP

      96:bno0CtiVRtncgz5d4thtF5NdLRZYyzzjBaz23//w2Dv3RFQuVSMfXIjNXIPemiOO:zorkv+gteRFTtrYxUXLLBFQjOq3838gw

    Score
    3/10
    behavioral19

    • Target

      public/steambootstrapper_koreana.txt

    • Size

      4KB

    • MD5

      202b825d0ef72096b82db255c4e747fa

    • SHA1

      3a3265e5bbaa1d1b774195a3858f29cea75c9e75

    • SHA256

      3d1399f5323a3ece1b1a8b3b31f8fd7f50c3bd319ab3f1c38c6e347452c95314

    • SHA512

      e8fc7cc09f431301d22a07b238179ee053505090e3c4db30ead061513fe7159f1fe8b80efc93f4597fe00f01087bbe0bb2231e13693d72c8def138657cb91566

    • SSDEEP

      96:bno0CtiVRtncgz5d4thtF5NdLRZYyzzjBaz23//w2Dv3RFQuVSMfXIjNXIPemiOO:zorkv+gteRFTtrYxUXLLBFQjOq3838gw

    Score
    3/10
    behavioral20

    • Target

      public/steambootstrapper_latam.txt

    • Size

      4KB

    • MD5

      7913f3f33839e3af9e10455df69866c2

    • SHA1

      15fa957d0a6a2717027f5b35f4dbe5e0ab8ece25

    • SHA256

      05bc1f4973c6d36002ac1b37ce46b1f941fcb4338282e0ec1ec83fb558d1a88c

    • SHA512

      534e541757d19ee157a268bf7ea358b48015f400542fcfa49cdb547cd652926160f015fe2cf026d9c4996e56ab90ca3899dfd457997d915bf6bc9d7bb00ba804

    • SSDEEP

      96:9FDhCIRRcJ3NkrHRZYGerQrmermz+Ejp6lLSG+oIq2K/+oIq2vgKOo8348o06:fsISbSrYrybSZYlEzKazv938o8o06

    Score
    3/10
    behavioral21

    • Target

      public/steambootstrapper_norwegian.txt

    • Size

      4KB

    • MD5

      58e0fcbee3cca4ef61b97928cfe89535

    • SHA1

      1297e3af3ca9e4fe3cc5db78ebbfa642e8a2c57b

    • SHA256

      c084a68b65d507eb831831aa2ab9afb9536cb99a840d248cc155ff87fad18425

    • SHA512

      99aff0c481e34cd0e4fcbb2af471afb56d91aa11be664462b08e17ae169ca03ef77e7063b4ecd0f38ca7b2f6dc0bf2e316c7b31dffbbcfc763cd8fae27dc78d2

    • SSDEEP

      96:hL+9CbrRtcejaRZYBEpdzQdbRAoWxqJcz6lIb2oZIA+Oo8q80Br+:EQb1+ejarYO7Qpsecz6Sb2o2A+38q80w

    Score
    3/10
    behavioral22

    • Target

      public/steambootstrapper_polish.txt

    • Size

      4KB

    • MD5

      9b0b0e82f753cc115d87c7199885ad1b

    • SHA1

      5743a4ab58684c1f154f84895d87f000b4e98021

    • SHA256

      0bdeee9fa28d54d384e06ea646fbcfe3f06698a31dfdc1a50703ffe83ad78d32

    • SHA512

      b7780b82fbe705bc8e5a527c011eb685c99ef0b2eb810617b9f82b891341af95ef1c2f46dce9e458c0c4dcc3e7a0d21db6c77f03419cd1c4b521a9b72f9017df

    • SSDEEP

      96:Wa2CgROcEhwYRZYXvs9zp6SjluImGIljIjXOo89p8FR:X1wVEhwYrYQoI4fOD3838FR

    Score
    3/10
    behavioral23

    • Target

      public/steambootstrapper_portuguese.txt

    • Size

      4KB

    • MD5

      eb8926608c5933f05a3f0090e551b15d

    • SHA1

      a1012904d440c0e74dad336eac8793ac110f78f8

    • SHA256

      2ed2b0d654d60e0a82b0968a91d568b775144e9d92f2b077b6da75f85ad12d04

    • SHA512

      9113c42c38836f71ff0cc7019aff8c873845f47fbf1ab97e981cb038f4d8495b6df784402b1ee9666e8e567ae866b0284c81e6a16efb47131d5ef88569c4843a

    • SSDEEP

      96:uIsrct89cRZetJ2Ommrzrrd2GQvqGVA9VM7KOo8388UL6:Lt89crMYOZXwSwIx38s8UL6

    Score
    3/10
    behavioral24

    • Target

      public/steambootstrapper_romanian.txt

    • Size

      4KB

    • MD5

      6367f43ea3780c4ee166454f5936b1a8

    • SHA1

      027a2c24c8320458c49cd78053f586cb4d94ee6f

    • SHA256

      f8d1972e75a320344e3c834ba0a3a6a86edb39e20ef706bda9b7965d440d1998

    • SHA512

      31aab33e0d272cb43a8c160b3d37256716a683e5052192fd0e4d3cdaf30a10a9afa9d26d5d14ad216ee455627c32892a711d2bc137ee7a7df9a297f001a19e32

    • SSDEEP

      96:Ivm7CuRPcPlXRZYIL8CzHa5nPOhqlW+HdxIo5FIox+Oo83L8FN:SmeeEPlXrYA765PO+dO5H3878FN

    Score
    3/10
    behavioral25

    • Target

      public/steambootstrapper_russian.txt

    • Size

      6KB

    • MD5

      e04ad6c236b6c61fc53e2cb57ced87e8

    • SHA1

      e9d4846b7e6cc755ee14a5d3fa45ee7d3bf425a4

    • SHA256

      08c775efa77c2a92d369f794882e467b6e2526e61bc7aa7724f48e174524502e

    • SHA512

      0dfb7e6d811d649103499018f3d115c542fcaba420ceb69124a4d837fe162ce514e7be2040860c5ef5f9c01c961fa6eea8730606b73ec107d87597989b6fd331

    • SSDEEP

      96:c5qCHRRc8sF+RZLqls1s1pzMDqAFoJFOTfNfKIik6IiVqOo868Crsk:GxS8sErWl+s1BFpg1Zh3868Crsk

    Score
    3/10
    behavioral26

    • Target

      public/steambootstrapper_schinese.txt

    • Size

      4KB

    • MD5

      56dcf7b68f70826262a6ffaffe6b1c49

    • SHA1

      12e4272ba0e4eabc610670cdc6941f942da1eb6a

    • SHA256

      948cad1bb27109e008f2457248880c759d3fa98b92c5b4033b94f455cb8ac43f

    • SHA512

      c3fd9caf0bd4c303a7cc300faada9cfe6dd752e82d67625b31f4c0c2c091596508bb477fe19f758fdf79b25b8ac3f5320a8785d2b6705b9bcc28a054a59454e2

    • SSDEEP

      96:/BAGpCOREHce3QuRZY7yezuqY2v14q3HPG9AHINL4QI04VOo8a8Jz:Sr+re3QurY7XfHPgNL4d04V38a8Jz

    Score
    3/10
    behavioral27

    • Target

      public/steambootstrapper_spanish.txt

    • Size

      4KB

    • MD5

      66456d2b1085446a9f2dbd9e4632754b

    • SHA1

      8da6248b57e5c2970d853b8d21373772a34b1c28

    • SHA256

      c4f821a4903c4e7faea2931c7fb1cf261eba06a9840c78fdca689f5c784c06c4

    • SHA512

      196c2282ba13715709ece706c9219fe70c05dd295840082e7d901b9e5592e74b1bb556782181cdbe35bd1ab0d6197fef67258b09491fabc6f27606dbed667d49

    • SSDEEP

      96:pFDVCIRRcJ3NkrHRZYGerQrmermz+ejnclLSG+oIq2K/+oIq2vgKOo8348o06:roISbSrYrybS3YlEzKazv938o8o06

    Score
    3/10
    behavioral28

    • Target

      public/steambootstrapper_swedish.txt

    • Size

      4KB

    • MD5

      b2248784049e1af0c690be2af13a4ef3

    • SHA1

      aec7461fa46b7f6d00ff308aa9d19c39b934c595

    • SHA256

      4bf6b25bf5b18e13b04db6ed2e5ed635eb844fc52baa892f530194d9471f5690

    • SHA512

      f5cee6bba20a4d05473971f7f87a36990e88a44b2855c7655b77f48f223219978d91bcd02d320c7e6c2ec368234e1d0201be85b5626ef4909e047e416e1a066c

    • SSDEEP

      96:cnvF+VYBVZcdOMuRZvODz1Q4EqvL8FdGPbII8ncswBIIZswpOo8V8pVKw:CvsVsV6dOJrc1qGSdGPsI3+Idp38V8vl

    Score
    3/10
    behavioral29

    • Target

      public/steambootstrapper_tchinese.txt

    • Size

      4KB

    • MD5

      194a73f900a3283da4caa6c09fefcb08

    • SHA1

      a7a8005ca77b9f5d9791cb66fcdf6579763b2abb

    • SHA256

      5e4f2de5ee98d5d76f5d76fb925417d6668fba08e89f7240f923f3378e3e66f6

    • SHA512

      25842535c165d48f4cf4fa7fd06818ec5585cc3719eff933f5776a842713d7adb5667c3b9b1a122a1152450e797535fc7a8e97ebdd31c14b4d4900a33ede01f3

    • SSDEEP

      96:MBS8ClRHcPTTeRZYEIlzEDsdYIaujGRXaFHJICVkHJIDVIOo8J8Jn:DT/8PTTerY7VK+4qFHGvHGC38J8Jn

    Score
    3/10
    behavioral30

    • Target

      uninstall.exe

    • Size

      155KB

    • MD5

      32109e2aac377fa07b849f4f4033edc5

    • SHA1

      a7b87a221744fb2e36327be0a34c17b7d734c47f

    • SHA256

      72ffe8859eaa63637f5a62b7c454241db35938f8326f6ccf20352e00f8df2fe5

    • SHA512

      688d9b51060d84c4e2dd0ddbb20d43bbc8bf93a903f26e855f546335bd7a5c9ef5c6f888dff35d379cbb1d782c5e231b33831b7272cde2b40c2d7fc2b85ffc0d

    • SSDEEP

      3072:iIAe+3aJpgWXTBuq/JFONM2cZ6iKowuq12ApG3s/6:izB+pgURJFOS21iQ5i+6

    Score
    4/10
    discovery
    behavioral31

    • Target

      awd/SteamtoolsSetup (1) (1).exe

    • Size

      978KB

    • MD5

      bbf15e65d4e3c3580fc54adf1be95201

    • SHA1

      79091be8f7f7a6e66669b6a38e494cf7a62b5117

    • SHA256

      c9f2e2abb046ff2535537182edf9a9b748aa10a22e98a1d8c948d874f4ffb304

    • SHA512

      9bb261b4ed84af846e07ffb6352960687e59428fd497faa0a37d70b57a1a7430d48ac350fbb0c3f0f11e4231a98ebca4d6923deba0949fdd7a247a3c02737355

    • SSDEEP

      24576:4Fa9OUi2VoN2gZ1M8UQag3BXrYZt+GgGTfG74T+TRcL:Z9OUiTN2gZ1MExEZkkf+4TARg

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discoverypersistence
Score
7/10

behavioral2

discoverypersistence
Score
6/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

discovery
Score
4/10

behavioral32

Score
1/10