SHA256: 666fce928e782e2f63951d6ecd938aa71df78913da65917b51e1b4739789e80d
File name: SteamGuard.exe
Detection ratio: 40 / 54
Analysis date: 2016-06-30 10:23:58 UTC ( 1 year, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.PWS.OnlineGames.KEKC 20160701
AegisLab Troj.Pws.Onlinegames!c 20160701
Yandex Trojan.PWS.Steam!CQQAiWQvSn4 20160630
AhnLab-V3 Trojan/Win32.Suspicious.N1236862896 20160630
ALYac Trojan.PWS.OnlineGames.KEKC 20160701
Antiy-AVL Trojan/Win32.SGeneric 20160701
Arcabit Trojan.PWS.OnlineGames.KEKC 20160701
AVG PSW.MSIL.VIL 20160701
AVware Trojan.Win32.Generic!BT 20160701
BitDefender Trojan.PWS.OnlineGames.KEKC 20160701
CAT-QuickHeal Trojan.MSI.r3 20160630
Comodo UnclassifiedMalware 20160701
DrWeb Trojan.PWS.Steam.335 20160701
Emsisoft Trojan.PWS.OnlineGames.KEKC (B) 20160701
ESET-NOD32 MSIL/PSW.Steam.CZ 20160701
F-Secure Trojan.PWS.OnlineGames.KEKC 20160630
Fortinet MSIL/Steam.CZ!tr.pws 20160701
GData Trojan.PWS.OnlineGames.KEKC 20160701
Ikarus Trojan.MSIL.PSW 20160630
K7AntiVirus Password-Stealer ( 004aa2621 ) 20160630
K7GW Password-Stealer ( 004aa2621 ) 20160630
Kaspersky Trojan.MSIL.Agent.fdyw 20160701
Kingsoft Win32.PSWTroj.Undef.(kcloud) 20160701
McAfee Artemis!7FDCFDAB72C6 20160701
McAfee-GW-Edition Artemis!Trojan 20160630
Microsoft Trojan:Win32/Skeeyah.A!bit 20160701
eScan Trojan.PWS.OnlineGames.KEKC 20160701
NANO-Antivirus Trojan.Win32.Agent.ddycdb 20160701
nProtect Trojan/W32.Agent.48856.C 20160630
Panda Trj/CI.A 20160630
Qihoo-360 Win32/Trojan.fca 20160701
Sophos AV Mal/Generic-S 20160701
Symantec Infostealer 20160630
Tencent Msil.Trojan.Agent.Angm 20160701
TotalDefense Win32/Gamepass.ceYZYTC 20160701
VBA32 Trojan.MSIL.Agent 20160630
VIPRE Trojan.Win32.Generic!BT 20160701
ViRobot Trojan.Win32.Z.Steam.48856[h] 20160701
Yandex Trojan.PWS.Steam!CQQAiWQvSn4 20160630
Zillya Trojan.Steam.Win32.441 20160630
Alibaba 20160701
Baidu 20160630
Bkav 20160630
ClamAV 20160701
CMC 20160630
Cyren 20160701
F-Prot 20160701
Jiangmin 20160701
Malwarebytes 20160630
SUPERAntiSpyware 20160630
TheHacker 20160630
TrendMicro 20160701
TrendMicro-HouseCall 20160701
Zoner 20160701
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright
Copyright © Valve 2014

Original name SteamGuard.exe
Internal name SteamGuard.exe
File version 1.0.0.0
Description Valve Corporation
Signature verification Signed file, verified signature
Signing date 12:12 PM 8/7/2014
Signers
[+] Valve
Status The certificate or certificate chain is based on an untrusted root.
Issuer Valve
Valid from 12:12 PM 8/7/2014
Valid to 11:59 PM 12/31/2039
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint 3B04A5C585A6A5D49BA6AB53900A585CD4162373
Serial number 9D FD E4 9A 5F 7F 48 B3 46 80 C9 05 FF 9D EE 03
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-08-07 16:12:00
Entry Point 0x0000892A
Number of sections 3
.NET details
Module Version ID 15edb5d2-16db-4b0a-912c-82d33795c32d
TypeLib ID 9d7fdae0-f199-44cd-a35f-568ca746c930
PE sections
Overlays
MD5 42b9a8b885cef5c8592c5c747e9d52c1
File type data
Offset 45056
Size 3800
Entropy 7.34
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 3
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
PE resources
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.0

ImageVersion
0.0

FileVersionNumber
1.0.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
17408

EntryPoint
0x892a

OriginalFileName
SteamGuard.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright Valve 2014

FileVersion
1.0.0.0

TimeStamp
2014:08:07 16:12:00+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
SteamGuard.exe

ProductVersion
1.0.0.0

FileDescription
Valve Corporation

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CodeSize
27136

FileSubtype
0

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

AssemblyVersion
1.0.0.0

Compressed bundles
File identification
MD5 7fdcfdab72c64dcdc45d7ec6bdd2abfc
SHA1 47229d9552c0e729427096b4f83940c699ac101c
SHA256 666fce928e782e2f63951d6ecd938aa71df78913da65917b51e1b4739789e80d
ssdeep
768:R0wzofdmSG9RNwbwTfPfV7wR65Y3gv30eEKBmIPgPrulMgyGtKR42:R0w9XvxwR65Y3gvkeEKBdPcsKG2

authentihash 40b8e2c97cd78d0342bbb47ccfb6bb11ec1b14f9e1d56ee484e9b1e7f588c13c
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 47.7 KB ( 48856 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe assembly signed overlay

VirusTotal metadata
First submission 2014-08-07 12:39:48 UTC ( 3 years, 2 months ago )
Last submission 2016-06-30 10:23:58 UTC ( 1 year, 3 months ago )
File names SteamGuard.ex
file-7323622_stealer
SteamGuard.exe.vir
7FDCFDAB72C64DCDC45D7EC6BDD2ABFC
SteamGuard.exe";filename*=UTF-8''SteamGuard.exe
SteamGuard.exe.20140811.stealer
$RB6KNZ4.exe
SteamGuard.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight