Overview

overview

7

Static

static

3

SteamtoolsSetup_2.exe

windows11-21h2-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SteamtoolsSetup_2.exe

  • Size

    1.7MB

  • Sample

    241121-y7es2axjdw

  • MD5

    dd410c316152077eb8a683ed981fc787

  • SHA1

    360b90cd99dd9ead20b21e50c73a3d0fe10123c1

  • SHA256

    036128ca60c543609bf2c6c362e2f909c85f1760d4a8d6b07c55b73d36d9df0b

  • SHA512

    81f4dceebe93a89b239076937df31bf28542b23ed8e383ca9b30cbdcd89b3d8683fc8fff9c78d74c1ced281e766cb852b54b6c5b5640b6cb0224b66c747d8657

  • SSDEEP

    24576:nkcCSfG0yWS7woCNAi1GoCaLI4/gPGHOV1VVW4Qn652aPOrjB9:kcCSe0yT7wooAi1GhWI4oPGHOVVWvcC

Score
7/10
discoverymotwphishing

Malware Config

Targets

    • Target

      SteamtoolsSetup_2.exe

    • Size

      1.7MB

    • MD5

      dd410c316152077eb8a683ed981fc787

    • SHA1

      360b90cd99dd9ead20b21e50c73a3d0fe10123c1

    • SHA256

      036128ca60c543609bf2c6c362e2f909c85f1760d4a8d6b07c55b73d36d9df0b

    • SHA512

      81f4dceebe93a89b239076937df31bf28542b23ed8e383ca9b30cbdcd89b3d8683fc8fff9c78d74c1ced281e766cb852b54b6c5b5640b6cb0224b66c747d8657

    • SSDEEP

      24576:nkcCSfG0yWS7woCNAi1GoCaLI4/gPGHOV1VVW4Qn652aPOrjB9:kcCSe0yT7wooAi1GhWI4oPGHOVVWvcC

    Score
    7/10
    discoverymotwphishing

    • A potential corporate email address has been identified in the URL: =@L

      phishing

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

      phishingmotw
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks