SHA256: 452a0b7b5b2b6e603b8884e74d718b5eab0cf903271064a407c767419fbfa330
File name: streaming_client.exe (buildbot_steam-relclient-win32-builder_stea...
Detection ratio: 45 / 67
Analysis date: 2018-10-08 11:05:04 UTC ( 1 week, 3 days ago )
Antivirus Result Update
Ad-Aware DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
AegisLab Troj.W32.Gen.lXNp 20181008
AhnLab-V3 Downloader/Win32.Upatre.C2342564 20181008
ALYac DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
Antiy-AVL Trojan[Downloader]/Win32.Upatre 20181008
Arcabit DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
Avira (no cloud) HEUR/AGEN.1032176 20181008
AVware Trojan.Win32.Generic!BT 20180925
BitDefender DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
Bkav HW32.Packed. 20181005
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.945650 20180225
Cylance Unsafe 20181008
Cyren W32/Trojan.BDSI-0703 20181008
DrWeb Trojan.MulDrop7.58504 20181008
Emsisoft DeepScan:Generic.BitCoinMiner.3.04EBAB31 (B) 20181008
Endgame malicious (high confidence) 20180730
ESET-NOD32 Win32/CoinMiner.ARI 20181008
F-Secure DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
Fortinet W32/CoinMiner.ARI!tr 20181008
GData DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
Ikarus Trojan.Win32.CoinMiner 20181007
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 0051a19d1 ) 20181008
K7GW Trojan ( 0051a19d1 ) 20181008
Kaspersky HEUR:Trojan.Win32.Generic 20181008
Malwarebytes Trojan.MalPack.Themida 20181008
McAfee Artemis!CD9FD9C94565 20181008
McAfee-GW-Edition BehavesLike.Win32.Backdoor.vc 20181008
Microsoft Trojan:Win32/Tiggre!rfn 20181008
eScan DeepScan:Generic.BitCoinMiner.3.04EBAB31 20181008
NANO-Antivirus Riskware.Win32.BitMiner.ewvkmj 20181008
Palo Alto Networks (Known Signatures) generic.ml 20181008
Panda Trj/CI.A 20181007
Qihoo-360 Win32/Trojan.Downloader.c26 20181008
SentinelOne (Static ML) static engine - malicious 20180926
Sophos AV Mal/Generic-S 20181008
Symantec Trojan Horse 20181008
Tencent Win32.Trojan.Generic.Tbsp 20181008
TrendMicro TROJ_GEN.R002C0OJ418 20181008
TrendMicro-HouseCall TROJ_GEN.R002C0OJ418 20181008
VBA32 TrojanDownloader.Upatre 20181008
Yandex Trojan.DL.Upatre! 20181005
Zillya Downloader.Upatre.Win32.64901 20181005
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20181008
Alibaba 20180921
Avast-Mobile 20181008
Babable 20180918
Baidu 20181008
CAT-QuickHeal 20181008
ClamAV 20181008
CMC 20181007
Comodo 20181008
eGambit 20181008
F-Prot 20181008
Jiangmin 20181008
Kingsoft 20181008
MAX 20181008
Rising 20181008
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181008
TheHacker 20181008
TotalDefense 20181008
Trustlook 20181008
VIPRE 20181007
ViRobot 20181008
Webroot 20181008
Zoner 20181008
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2013 Valve Corporation

Product Steam
Original name streaming_client.exe
Internal name streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)
File version 04.11.49.78
Description streaming_client.exe
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-26 16:15:21
Entry Point 0x0060B000
Number of sections 8
PE sections
PE imports
Number of PE resources by type
RT_ICON 9
RT_VERSION 2
RT_GROUP_ICON 1
SCID 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 2
PE resources
ExifTool file metadata
UninitializedDataSize
0

InitializedDataSize
359936

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
4.11.49.78

LanguageCode
English (U.S.)

FileFlagsMask
0x0017

LinkerVersion
10.0

FileDescription
streaming_client.exe

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

SourceControlID
4114978

EntryPoint
0x60b000

OriginalFileName
streaming_client.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2013 Valve Corporation

FileVersion
04.11.49.78

TimeStamp
2017:10:26 17:15:21+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)

ProductVersion
01.00.00.01

SubsystemVersion
5.1

OSVersion
5.1

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Valve Corporation

CodeSize
163328

ProductName
Steam

ProductVersionNumber
1.0.0.1

FileTypeExtension
exe

ObjectFileType
Executable application

Compressed bundles
File identification
MD5 cd9fd9c9456503094e6d2c25952bb39c
SHA1 d67bbbfb3e9d7ad28416e305f6e57ddcb69ef8e7
SHA256 452a0b7b5b2b6e603b8884e74d718b5eab0cf903271064a407c767419fbfa330
ssdeep
49152:s69k9XGX+D5khv/LNtnmvvDFJKpq8lDKxgBu4171LTcT5l7mGKzdOAN:h9k92OVk1LDmvLOpWxgBu41BTY5dmGMw

authentihash 3ea76a14ec31b5068a3f8e00a097c420af2e0b5eefbf65eba6af22f3ac25eb77
imphash 2eabe9054cad5152567f0699947a2c5b
File size 2.7 MB ( 2876928 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe

VirusTotal metadata
First submission 2018-01-10 01:40:50 UTC ( 9 months, 1 week ago )
Last submission 2018-10-04 21:35:23 UTC ( 1 week, 6 days ago )
File names cd9fd9c9456503094e6d2c25952bb39c.virus
streaming_client.exe
1032-d67bbbfb3e9d7ad28416e305f6e57ddcb69ef8e7
streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Copied files
Deleted files
Created processes
Shell commands
Opened mutexes
Runtime DLLs
HTTP requests
DNS requests
TCP connections