80b6573208f2179c97ce64ff731269e349a07a3969c1198bf5a9092c5a01555c

Resubmissions

14/04/2025, 18:37

250414-w9yb2sxmx3 7

14/04/2025, 18:37

250414-w9fr1axsfx 1

14/04/2025, 17:15

250414-vs16yavpt2 7

Sharing

Copy URL

Twitter E-mail

General

Target

st-setup-1.8.16.exe
Size

8.2MB
Sample

250414-vs16yavpt2
MD5

9c42f5ccae30afc9c70c924d543924f8
SHA1

4e3c555cfee82d23acfdda4754c0870f455156e8
SHA256

80b6573208f2179c97ce64ff731269e349a07a3969c1198bf5a9092c5a01555c
SHA512

51d5c449ce3070a2c080a81d14af74e1c5621e41057fd4c311aee1888322879b6fadef1bbdbd370bfaa00dd50a87df2d73943f96aff3ae5b1d4708505d8a6707
SSDEEP

196608:k+1Siv6sNQ7agI/2FLDZnjT/K9skdRNlie1hCjHDlCMq:kliQhRVNCmWp7UHDlC

Score

7^/10

Malware Config

Targets

- Target
  
  st-setup-1.8.16.exe
- Size
  
  8.2MB
- MD5
  
  9c42f5ccae30afc9c70c924d543924f8
- SHA1
  
  4e3c555cfee82d23acfdda4754c0870f455156e8
- SHA256
  
  80b6573208f2179c97ce64ff731269e349a07a3969c1198bf5a9092c5a01555c
- SHA512
  
  51d5c449ce3070a2c080a81d14af74e1c5621e41057fd4c311aee1888322879b6fadef1bbdbd370bfaa00dd50a87df2d73943f96aff3ae5b1d4708505d8a6707
- SSDEEP
  
  196608:k+1Siv6sNQ7agI/2FLDZnjT/K9skdRNlie1hCjHDlCMq:kliQhRVNCmWp7UHDlC
Score

7^/10

steam discovery persistence phishing
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand STEAM.
  phishing steam
behavioral1
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  37KB
- MD5
  
  e74573ce106dd95b148bb8b1ef8e3418
- SHA1
  
  e7c8a86adcd4c69d3aab40f3705626b3e9bfa2c3
- SHA256
  
  ddf81deda75e0d11107fe93c43896aae47ba9c8fe43ccad06250552890255818
- SHA512
  
  bebcf0ba9f8b7a2fd0300e4547961db696b4c829fea099adc3334c54d2d479c9931a8bf2b711373aec0cca7332562f9fd6c515f463570f982421012570a2d34e
- SSDEEP
  
  768:/r96YIrx7lC7vU/kaG9uLmCdbzr2XuBv1kL2Eg:T0Yu7lC74kaGwJ33vsa
Score

1^/10
behavioral2
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  26KB
- MD5
  
  9cbb2c67258df6cfc08e060bd8ab8309
- SHA1
  
  2737c9c05da63073759a8b3af3555c6d37a23ed6
- SHA256
  
  bed99bebd0b1fdadc4411a27d5ef3054e6287e32d81301761ed191ae8a799549
- SHA512
  
  b701998fe89d98a150328839f666d484131f031eb60e3e083a8ef7b81ffd48d1075b8d42dfb3a8333ba1f00a78eac5cc38a2443d1d7c28d22fde9124b63ce81b
- SSDEEP
  
  384:RWh4MFv1w/YWCLXASKi6nAlHBAl4KWoMQv/uo6ki2XStdkivRY2CSJIVE8E9VF0h:ZMF973wrsBjr2XuBvR/2EqWe9
Score

1^/10
behavioral3
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  22KB
- MD5
  
  dad419c254e3d26c6329061b8d404093
- SHA1
  
  a46856098c88fa04d3bb77dc748a301c8fffc9a1
- SHA256
  
  2397fcb767d4b5ce48df8c9d673614d82f6e5d030b241428f67e0a689b775f66
- SHA512
  
  598c88a578282f80319c3ce2fa2aa293c4b19e4e872ea9254a492be62b87c6c5c9c1bf0ff3998961372974fc830453eaabab670e79b3cbcc22f96d01afd11ae9
- SSDEEP
  
  384:AWtdKiK007kMQv/uo6ki2XStdkiv1WfSJIVE8E9VF0NyP6xE:rtm0ur2XuBv1j2EeE
Score

1^/10
behavioral4
- Target
  
  Core.dll
- Size
  
  730KB
- MD5
  
  4be563c65ff66351f94035d6b5624cc7
- SHA1
  
  c183244308e2e847a308e5451b33dca82046f465
- SHA256
  
  306d129b6de45b07ca82bc68be8d3b761347d35b7c49f916f125f61640a73817
- SHA512
  
  7f717437aaa2b6c2bed8ab6d6818e0ea8c82fa8674217d0984bc1990b68b5fe1d96c1faa07488fbefb07411a4952730b63aeb992305d9e193e47af333bccee06
- SSDEEP
  
  12288:dwN4I1915bUr61nBXMv9Un1FMzYSTp9KjxToEeHmfmo6DjoNT7+Wv:6N7P1BJ1az1Tp94mSZ6DjQTtv
Score

3^/10

discovery
behavioral5
- Target
  
  Qt5Core.dll
- Size
  
  5.7MB
- MD5
  
  817520432a42efa345b2d97f5c24510e
- SHA1
  
  fea7b9c61569d7e76af5effd726b7ff6147961e5
- SHA256
  
  8d2ff4ce9096ddccc4f4cd62c2e41fc854cfd1b0d6e8d296645a7f5fd4ae565a
- SHA512
  
  8673b26ec5421fce8e23adf720de5690673bb4ce6116cb44ebcc61bbbef12c0ad286dfd675edbed5d8d000efd7609c81aae4533180cf4ec9cd5316e7028f7441
- SSDEEP
  
  98304:hcirJylHYab/6bMJsv6tWKFdu9CLiZxqfg8gwf:+irJylHFb/QMJsv6tWKFdu9CL4xqfg8x
Score

1^/10
behavioral6
- Target
  
  Qt5Gui.dll
- Size
  
  6.7MB
- MD5
  
  47307a1e2e9987ab422f09771d590ff1
- SHA1
  
  0dfc3a947e56c749a75f921f4a850a3dcbf04248
- SHA256
  
  5e7d2d41b8b92a880e83b8cc0ca173f5da61218604186196787ee1600956be1e
- SHA512
  
  21b1c133334c7ca7bbbe4f00a689c580ff80005749da1aa453cceb293f1ad99f459ca954f54e93b249d406aea038ad3d44d667899b73014f884afdbd9c461c14
- SSDEEP
  
  49152:9VPhJZWVvpg+za3cFlc61j2VjBW77I4iNlmLPycNRncuUx24LLsXZFC6FOCfDt2/:BJZzI1ZR3U9Cxc22aDACInVc4Z
Score

1^/10
behavioral7
- Target
  
  Qt5Network.dll
- Size
  
  1.3MB
- MD5
  
  3569693d5bae82854de1d88f86c33184
- SHA1
  
  1a6084acfd2aa4d32cedfb7d9023f60eb14e1771
- SHA256
  
  4ef341ae9302e793878020f0740b09b0f31cb380408a697f75c69fdbd20fc7a1
- SHA512
  
  e5eff4a79e1bdae28a6ca0da116245a9919023560750fc4a087cdcd0ab969c2f0eeec63bbec2cd5222d6824a01dd27d2a8e6684a48202ea733f9bb2fab048b32
- SSDEEP
  
  24576:eXPn73RXox1U9M0m+1ffSDY565RzHUY1iaRy95hdGehEM:+7hXU1U95m4ff9A5RviaRy9NGI
Score

1^/10
behavioral8
- Target
  
  Qt5Svg.dll
- Size
  
  322KB
- MD5
  
  03761f923e52a7269a6e3a7452f6be93
- SHA1
  
  2ce53c424336bcc8047e10fa79ce9bce14059c50
- SHA256
  
  7348cfc6444438b8845fb3f59381227325d40ca2187d463e82fc7b8e93e38db5
- SHA512
  
  de0ff8ebffc62af279e239722e6eedd0b46bc213e21d0a687572bfb92ae1a1e4219322233224ca8b7211ffef52d26cb9fe171d175d2390e3b3e6710bbda010cb
- SSDEEP
  
  6144:6qLZcTC3wR/0JNZ+csBkBv0L0hq+SvcO8MsvwbIeblsjTR:6qNcCwqHE2fYlsPR
Score

1^/10
behavioral9
- Target
  
  Qt5Widgets.dll
- Size
  
  5.2MB
- MD5
  
  4cd1f8fdcd617932db131c3688845ea8
- SHA1
  
  b090ed884b07d2d98747141aefd25590b8b254f9
- SHA256
  
  3788c669d4b645e5a576de9fc77fca776bf516d43c89143dc2ca28291ba14358
- SHA512
  
  7d47d2661bf8fac937f0d168036652b7cfe0d749b571d9773a5446c512c58ee6bb081fec817181a90f4543ebc2367c7f8881ff7f80908aa48a7f6bb261f1d199
- SSDEEP
  
  49152:KO+LIFYAPZtMym9RRQ7/KKIXSewIa/2Xqq1sfeOoKGOh6EwNmiHYYwBrK8KMlH0p:IGoKZdRqJD10rK8KMlH0gi5GX0oKZ
Score

1^/10
behavioral10
- Target
  
  SteamTools.exe
- Size
  
  1.7MB
- MD5
  
  e45bfb5edcc03451a85bc505298fbc16
- SHA1
  
  7ffaf05f77882652cc66dca60da2de9550fe6430
- SHA256
  
  7afcb8d488f34e284deef1559dbc0d46d1bd68e226928e5b583169a1fd275842
- SHA512
  
  8772a6e7a28d62c5bcf1161ffdda7124247a098e6e8ab56b45a71258c9c6524d695f1ea7109bd91027963a45ad6a36b8675dc174eaaf47ec27d3886390e03640
- SSDEEP
  
  24576:YsCreC/B5DjyIY20J2mly2FpTEYq9cRqbxCfWydQ+tD:Ys8B5DmIi59ZEYqi8o5D
Score

1^/10
behavioral11
- Target
  
  imageformats/qico.dll
- Size
  
  37KB
- MD5
  
  a9abd4329ca364d4f430eddcb471be59
- SHA1
  
  c00a629419509929507a05aebb706562c837e337
- SHA256
  
  1982a635db9652304131c9c6ff9a693e70241600d2ef22b354962aa37997de0b
- SHA512
  
  004ea8ae07c1a18b0b461a069409e4061d90401c8555dd23dbf164a08e96732f7126305134bfaf8b65b0406315f218e05b5f0f00bedb840fb993d648ce996756
- SSDEEP
  
  768:zBXBEfQiAzC9Oh5AS7a3Z5OGrTDeV9mp7nnsWdDGgYUf2hi/:8JAzuOhy3zOGrTDeV9mp7nnsWjYUfz
Score

1^/10
behavioral12
- Target
  
  msvcp140.dll
- Size
  
  612KB
- MD5
  
  ba72c2f6f465926980adc2fb7f8b3490
- SHA1
  
  63de0e3c14d0f45c1edab1c3ecd4adfb78ee8cdd
- SHA256
  
  86881a7054532019291c162f0a8177980c1c2b45490f7e88543f22915d08d9ff
- SHA512
  
  05136a8dde4359efd112341b12e0545accc8d018e4fa7495b071197833a0227bd50879d7753b61582505b8e2286f845604008bd2020e689e148037a9ef7d7474
- SSDEEP
  
  12288:lOpw3ob/5jh6lN0RXhsdufjqDZZX/t5xTOKGmm75s79s8gywMQEKZm+jWodEEVo+:r3ob/5jh6lN0RXhsdufjqDZZX/t5xTOh
Score

1^/10
behavioral13
- Target
  
  msvcp140_1.dll
- Size
  
  30KB
- MD5
  
  18a6c1a3d630dfcbc227082d5b06681a
- SHA1
  
  6634a25660e5843cf7fba6dc09b9dfcb698432a5
- SHA256
  
  af589d441cd97638b1a0b9192a4014c52b64b35ecf5437caa65f27b3583e07aa
- SHA512
  
  5716e41de4f2ed7fee286c898411d99e11392f60df91b2423539c51016a7b9a12945087e6d1a47256c084ceb06556334ef03e34a8647d704582abe5745292581
- SSDEEP
  
  384:NlKX7EGOdlBJkQhnlVI/GD2Wcg53Wco+F0GftpBjLHc4HRN7hlI5e368:nKoBJkQhlVl3v+ixBIe68
Score

1^/10
behavioral14
- Target
  
  platforms/qwindows.dll
- Size
  
  1.4MB
- MD5
  
  4931fcd0e86c4d4f83128dc74e01eaad
- SHA1
  
  ac1d0242d36896d4dda53b95812f11692e87d8df
- SHA256
  
  3333ba244c97264e3bd19db5953efa80a6e47aaced9d337ac3287ec718162b85
- SHA512
  
  0396bccda43856950afe4e7b16e0f95d4d48b87473dc90cf029e6ddfd0777e1192c307cfe424eae6fb61c1b479f0ba1ef1e4269a69c843311a37252cf817d84d
- SSDEEP
  
  24576:4mCSPJrAbXEEuV9Hw2SoYFo3HdxjEgqJkLdLu5qpmZuhg/A2b:nPlIEEuV9Hw2SFFWHdWZsdmqja/A2b
Score

1^/10
behavioral15
- Target
  
  vcruntime140.dll
- Size
  
  83KB
- MD5
  
  0c583614eb8ffb4c8c2d9e9880220f1d
- SHA1
  
  0b7fca03a971a0d3b0776698b51f62bca5043e4d
- SHA256
  
  6cadb4fef773c23b511acc8b715a084815c6e41dd8c694bc70090a97b3b03fb9
- SHA512
  
  79bbf50e38e358e492f24fe0923824d02f4b831336dae9572540af1ae7df162457d08de13e720f180309d537667bc1b108bdd782af84356562cca44d3e9e3b64
- SSDEEP
  
  1536:ikqwmvKrSgB91BDJ25Tg/G0G5r4Gt7qNBPS9DH6ecboHjPxu+dBsi6:i3CuavtckJSVqNBPSUecboHjPx/O
Score

1^/10
behavioral16
- Target
  
  vcruntime140_1.dll
- Size
  
  43KB
- MD5
  
  3b22b2ec303b0721827dd768c87df6ed
- SHA1
  
  86f8af095cf7368ccbff2d0fd6d33586145acd2b
- SHA256
  
  3b792da47040c3b3e0804cdc5153eef4e802b6975963029d8dc360cb824a7b62
- SHA512
  
  79db774980ee132797f7e7dbc0e055b724d8fbf0e4917523b285f918730adfff81022cc6f5e15469b011d55501fd7b085bc070e9ecdfb75c05f4d6622a7f2475
- SSDEEP
  
  384:GRiuauREnUUWU55vZvS05fJjPg2h1RWmbzA+XfAXxy85xH0f9lWrGKWVQRpBj0HP:DJnUUV7xPg4RdPvv2DHkR+W+1CP
Score

1^/10
behavioral17