General

  • Target

    25.1.3.rar

  • Size

    8.2MB

  • Sample

    241230-hrfgma1mdy

  • MD5

    e3cef5421ab760abf3e12cd6a2a291a2

  • SHA1

    b59ff1bd3aa5813bb53e9666e6062954f2a2e592

  • SHA256

    278e36a41b1023c01e0654fc838ca36d948cf82edd3f69bcf2bcc3d84f934a3a

  • SHA512

    b877bc1228ceccf3a5ee0e763ddae07af816388bb4339326918d66e0eaefb86e1d6232d641bdc2ce26c67ac709387d3684fbd2e0c010824972879772f4efcaba

  • SSDEEP

    196608:+XY9tlhDmDfjmlIPl7LcoaYmGCWGLoN6P/4Vv1wnd:+Q3hCmIl7LJkGCwoPw1Md

Targets

    • Target

      25.1.3.rar

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand STEAM.
