0a19de24703eb60b228334a05bd14426b58c3cd011e90bcaa9145adce920fc04 | Triage

Sharing

General

Target

Activation.rar
Size

15.4MB
Sample

250414-qmv1hsxqv4
MD5

218990d9bd291bb47e46695401babc54
SHA1

26d49cd071e4e5ab5379078a20411d784d3ffe54
SHA256

0a19de24703eb60b228334a05bd14426b58c3cd011e90bcaa9145adce920fc04
SHA512

d1e2a3274ce6cff7cc4eb98f5233f9138aafaa5d5df576e46b3ea1ae8a0572d17a983c38c03f9151f2373b095d82bd198191653bef55f1c834ea95645f9dcaaf
SSDEEP

393216:nwabdT1J1+fZQgloATm+6Te90Z8dbStqheB5dikdg+IG9Gk:RV1+fZsAMeWZ2u8I5diIbGk

Score

7^/10

steam discovery phishing pyinstaller

Malware Config

Targets

- Target
  
  Activation/STEAMWEBHELPER.EXE.pf
- Size
  
  26KB
- MD5
  
  7aea61a4ecf5352fe47743bcabf11ead
- SHA1
  
  e11f6f67ff4fd82185d397f8be827bdcd7f501c7
- SHA256
  
  db4dac3919addaa5672c252761a6d1e9328cfdc604bd7e6cce2d45ef253adf1c
- SHA512
  
  24e454029419850441e11361749f8c31cb069ab54163c0cb7c6c3e0a9e2d7e561def90fc6c61fb1f5c0c483a5544b783bbc61affb3b3d7c6081b384b5bc074d5
- SSDEEP
  
  384:B72Ml1tWLaXvkVG8qGjflds8FkNZNPYTvOOktNbi52e4lo045h:BCMl1yaX8VfqG/s8+NZNATWt052U045h
Score

3^/10
behavioral1
- Target
  
  Activation/steamweb.exe.exe
- Size
  
  15.5MB
- MD5
  
  2557af1cde18cc05e215ac65547b4d84
- SHA1
  
  49d94a7dd93ba7bb3e6062f112e15ed17cd718ab
- SHA256
  
  20757c361f653b52a5e4c8ee12f0fb4ae78a8ed60b8e214cb86f279798ee23d0
- SHA512
  
  307648c30f29125cad241b774689593ade6735e0054ab372210717b4b27febf27aaace94941c221b582d65efcf1db49ce34a2427948c0a78d0346ad8cd8500cd
- SSDEEP
  
  393216:NcjJzQH4Z4+D6F4vh+viahsj9l61+TtIiW0VJWLlW30:su4ZX52W61QtI2Ei
Score

7^/10

steam discovery phishing
- Loads dropped DLL
- Detected potential entity reuse from brand STEAM.
  phishing steam
behavioral2
- Target
  
  key.pyc
- Size
  
  11KB
- MD5
  
  025d3d530a9d9bcc9425f4c8b49dd0e8
- SHA1
  
  76f095d6ecf2250b82ff204eee78a8335ea06423
- SHA256
  
  0a74bedf6cb4be444d542d8d72c027c843296d0ceb1849659365014e725fad11
- SHA512
  
  ee3ee891bcca53edfe891f22351de0b9cd1a8b802e2614ba460156328dcfe16fa19dc6bdd5ff2c1ed47ae47621868f481220e3da4a27846b87da3643301d2e86
- SSDEEP
  
  192:RqQo8/l5il3OtA7HYfddslgmRouV3B1QvSPVohu:Eq5iletcHYjjmNxB1QKPVz
Score

3^/10
behavioral3

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

steamdiscoveryphishing

behavioral3