abf138e9dea16b8da182e63a1e7d49a59ee57c792a77c3de34f379ceb0923d6a | Triage

Submit
Reports

Overview

overview

8

Static

static

3

Steamtools...I2.dll

windows7-x64

1

Steamtools...I2.dll

windows10-2004-x64

1

Steamtools...on.dll

windows7-x64

1

Steamtools...on.dll

windows10-2004-x64

1

Steamtools...pp.exe

windows7-x64

1

Steamtools...pp.exe

windows10-2004-x64

1

Steamtools...61.exe

windows7-x64

3

Steamtools...61.exe

windows10-2004-x64

8

Analysis

max time kernel
93s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-01-2025 02:06

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Steamtools New Version/Guna.UI2.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Steamtools New Version/Guna.UI2.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Steamtools New Version/Newtonsoft.Json.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Steamtools New Version/Newtonsoft.Json.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

Steamtools New Version/SomeWeirdApp.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

Steamtools New Version/SomeWeirdApp.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Steamtools New Version/Steamtools 1.61.exe

Resource

win7-20241010-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral8

Sample

Steamtools New Version/Steamtools 1.61.exe

Resource

win10v2004-20241007-en

steam discovery persistence phishing

windows10-2004-x64

23 signatures

150 seconds

Report Analysis Logs

General

Target

Steamtools New Version/SomeWeirdApp.exe
Size

64KB
MD5

2268d5e30e4e843a120aae29de1e6f88
SHA1

a74c23e0b83c262df97a87bcb9e3da20482d0eba
SHA256

42b5ff6aa823147c0c6a7b479d8db92b3d6f5428b137850d9c21808d8fb7af28
SHA512

672fad72bb78c9f872fcbd89e1f8ab10326d0ab3b1ae2cdc36426797def82f4b8646d14f2a851091e1359210687b1ba391d6357e6d1f60ec3562fbb3098b5cb6
SSDEEP

1536:CwnU/2TZdHif2pALN01XcXXbMw9ARdMJW+Hjz6:ClMTifNXXbhKRdgW+Hjm

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\Steamtools New Version\SomeWeirdApp.exe
"C:\Users\Admin\AppData\Local\Temp\Steamtools New Version\SomeWeirdApp.exe"
1⤵
PID:4928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4928-0-0x00007FFE43D43000-0x00007FFE43D45000-memory.dmp

Filesize
8KB

Download
memory/4928-1-0x000002306DA00000-0x000002306DA16000-memory.dmp

Filesize
88KB

Download

© 2018-2025

Terms | Privacy