3e3ab416abadd9093b15f9dcce92f3530709aba8addff16a74e89bd3a7bfd8fd | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...59.exe

windows7_x64

8

SecuriteIn...59.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.Trojan.PWS.Steam.18359.22695.22959
Size

729KB
Sample

200801-6feys3e6a6
MD5

532524e6b61b197d92f3bd4ed3331d3d
SHA1

f1009c96203862812cefa14e186dcff610ccc634
SHA256

3e3ab416abadd9093b15f9dcce92f3530709aba8addff16a74e89bd3a7bfd8fd
SHA512

5b83ef335563332bb62445ce0d180db0544b793a88b60efb122c990bfe5c00f6bbe5ed5e0437bf59415b989d85f85060434d6aa7b4c1a465672298c142079e03

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.PWS.Steam.18359.22695.22959.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.PWS.Steam.18359.22695.22959.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.PWS.Steam.18359.22695.22959
- Size
  
  729KB
- MD5
  
  532524e6b61b197d92f3bd4ed3331d3d
- SHA1
  
  f1009c96203862812cefa14e186dcff610ccc634
- SHA256
  
  3e3ab416abadd9093b15f9dcce92f3530709aba8addff16a74e89bd3a7bfd8fd
- SHA512
  
  5b83ef335563332bb62445ce0d180db0544b793a88b60efb122c990bfe5c00f6bbe5ed5e0437bf59415b989d85f85060434d6aa7b4c1a465672298c142079e03
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
- ServiceHost packer
  Detects ServiceHost packer used for .NET malware
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy