steam hack.exe

WindowsApplication1

The executable steam hack.exe has been detected as malware by 5 anti-virus scanners. It is a setup program used to install the application. The file has been seen being downloaded from www106.zippyshare.com.

Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
ce88c293df93cd48c86ed0934a84a6fd

SHA-1:
aa6238375cf280e5330026d74a01e7e665963853

SHA-256:
408712ae53fdad273f2c7bad8338029badb7d8d3bf4548244ddb4e207ef9d0b9

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
12/25/2024 5:35:32 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AegisLab AV Signature | Troj.W32.Gen.lWIu | 2.1.4+ |
| Baidu Antivirus | Win32.Trojan.WisdomEyes.151026.9950 | 4.0.3.16720 |
| ESET NOD32 | MSIL/TrojanDownloader.Agent.BOH (variant) | 10.13826 |
| Fortinet FortiGate | MSIL/Agent.BOH!tr.dldr | 7/20/2016 |
| Qihoo 360 Security | HEUR/QVM03.0.0000.Malware.Gen | 1.0.0.1120 |

File size:
147.5 KB (151,040 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2016

Original file name:
WindowsApplication3.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\steam hack.exe

File PE Metadata
Compilation timestamp:
7/19/2016 4:26:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:l3W0UZgJlhZZNxFaSF0X2hoD6tkfbAZx5sJoA0H4LTiy+p2pxezVFNNWdXBNYv91:mgJlhZZNxFaSF0X2hoD6tkfbAZx5st07

Entry address:
0x25BFE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
143.5 KB (146,944 bytes)

The file steam hack.exe has been seen being distributed by the following URL.
