SHA256: 452a0b7b5b2b6e603b8884e74d718b5eab0cf903271064a407c767419fbfa330
File name: streaming_client.exe (buildbot_steam-relclient-win32-builder_stea...
Detection ratio: 49 / 67
Analysis date: 2018-04-10 20:43:51 UTC ( 2 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
AegisLab Troj.W32.Gen.lXNp 20180410
AhnLab-V3 Downloader/Win32.Upatre.C2342564 20180410
ALYac DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
Antiy-AVL Trojan[Downloader]/Win32.Upatre 20180410
Arcabit DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
Avast Win32:Malware-gen 20180410
AVG Win32:Malware-gen 20180410
Avira (no cloud) TR/CoinMiner.kpgxh 20180410
AVware Trojan.Win32.Generic!BT 20180410
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9821 20180410
BitDefender DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
Bkav HW32.Packed.8BD9 20180410
CAT-QuickHeal TrojanDownloader.Upatre 20180410
Comodo UnclassifiedMalware 20180410
CrowdStrike Falcon (ML) malicious_confidence_90% (D) 20170201
Cylance Unsafe 20180410
DrWeb Trojan.MulDrop7.58504 20180410
Emsisoft DeepScan:Generic.BitCoinMiner.3.04EBAB31 (B) 20180410
Endgame malicious (high confidence) 20180402
ESET-NOD32 Win32/CoinMiner.ARI 20180410
F-Secure DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
Fortinet W32/CoinMiner.ARI!tr 20180410
GData DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
Ikarus Trojan.Win32.CoinMiner 20180410
Sophos ML heuristic 20180120
K7AntiVirus Trojan ( 0051a19d1 ) 20180410
K7GW Trojan ( 0051a19d1 ) 20180410
Kaspersky HEUR:Trojan.Win32.Generic 20180410
Malwarebytes Trojan.MalPack.Themida 20180410
McAfee Artemis!CD9FD9C94565 20180410
McAfee-GW-Edition BehavesLike.Win32.Generic.vc 20180410
Microsoft Trojan:Win32/Tiggre!rfn 20180410
eScan DeepScan:Generic.BitCoinMiner.3.04EBAB31 20180410
NANO-Antivirus Riskware.Win32.BitMiner.ewvkmj 20180410
Palo Alto Networks (Known Signatures) generic.ml 20180410
Panda Trj/CI.A 20180410
Qihoo-360 Win32/Trojan.Downloader.c26 20180410
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Generic-S 20180410
Symantec Trojan.Gen.2 20180410
Tencent Win32.Trojan.Generic.Tbsp 20180410
TrendMicro TROJ_GEN.R002C0WAA18 20180410
TrendMicro-HouseCall TROJ_GEN.R002C0WAA18 20180410
VBA32 TrojanDownloader.Upatre 20180410
VIPRE Trojan.Win32.Generic!BT 20180410
Yandex Trojan.DL.Upatre! 20180410
Zillya Downloader.Upatre.Win32.64901 20180410
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180410
Alibaba 20180410
Avast-Mobile 20180410
ClamAV 20180410
CMC 20180410
Cybereason None
Cyren 20180410
eGambit 20180410
F-Prot 20180410
Jiangmin 20180410
Kingsoft 20180410
MAX 20180410
nProtect 20180410
Rising 20180410
SUPERAntiSpyware 20180410
Symantec Mobile Insight 20180406
TheHacker 20180410
TotalDefense 20180410
Trustlook 20180410
ViRobot 20180410
Webroot 20180410
WhiteArmor 20180408
Zoner 20180410
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright (C) 2013 Valve Corporation
Product Steam
Original name streaming_client.exe
Internal name streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)
File version 04.11.49.78
Description streaming_client.exe
Packers identified
F-PROT embedded
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2017-10-26 16:15:21
Entry Point 0x0060B000
Number of sections 8
PE sections
PE imports
Number of PE resources by type
RT_ICON 9
RT_VERSION 2
RT_MANIFEST 1
SCID 1
RT_GROUP_ICON 1
Number of PE resources by language
ENGLISH US 12
NEUTRAL 2
PE resources
ExifTool file metadata
SubsystemVersion 5.1
InitializedDataSize 359936
ImageVersion 0.0
ProductName Steam
FileVersionNumber 4.11.49.78
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x0017
LinkerVersion 10.0
CharacterSet Unicode
SourceControlID 4114978
FileTypeExtension exe
OriginalFileName streaming_client.exe
MIMEType application/octet-stream
Subsystem Windows GUI
FileVersion 04.11.49.78
TimeStamp 2017:10:26 16:15:21+00:00
FileType Win32 EXE
PEType PE32
InternalName streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)
ProductVersion 01.00.00.01
FileDescription streaming_client.exe
OSVersion 5.1
FileOS Win32
LegalCopyright Copyright (C) 2013 Valve Corporation
MachineType Intel 386 or later, and compatibles
CompanyName Valve Corporation
CodeSize 163328
FileSubtype 0
ProductVersionNumber 1.0.0.1
EntryPoint 0x60b000
ObjectFileType Executable application
Compressed bundles
File identification
MD5 cd9fd9c9456503094e6d2c25952bb39c
SHA1 d67bbbfb3e9d7ad28416e305f6e57ddcb69ef8e7
SHA256 452a0b7b5b2b6e603b8884e74d718b5eab0cf903271064a407c767419fbfa330
ssdeep 49152:s69k9XGX+D5khv/LNtnmvvDFJKpq8lDKxgBu4171LTcT5l7mGKzdOAN:h9k92OVk1LDmvLOpWxgBu41BTY5dmGMw
authentihash 3ea76a14ec31b5068a3f8e00a097c420af2e0b5eefbf65eba6af22f3ac25eb77
imphash 2eabe9054cad5152567f0699947a2c5b
File size 2.7 MB ( 2876928 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags peexe
VirusTotal metadata
First submission 2018-01-10 01:40:50 UTC ( 5 months, 2 weeks ago )
Last submission 2018-01-10 01:40:50 UTC ( 5 months, 2 weeks ago )
File names 1032-d67bbbfb3e9d7ad28416e305f6e57ddcb69ef8e7
streaming_client.exe
streaming_client.exe (buildbot_steam-relclient-win32-builder_steam_rel_client_win32@steam-relclient-win32-builder)
cd9fd9c9456503094e6d2c25952bb39c.virus
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Copied files
Deleted files
Created processes
Shell commands
Opened mutexes
Runtime DLLs
HTTP requests
DNS requests
TCP connections