Steam Account Checker Poisoned with Infostealer - SANS Internet Storm Center
Tags
country: Singapore
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Python - T1059.006
Show in Graph
Common Information
Type Value
UUID 83c7c115-3155-4758-8d82-e85cb6704d2f
Fingerprint 8325f11c1ee4df
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 7, 2024, midnight
Added to db Nov. 7, 2024, 10:55 a.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Internet Storm Center
Title Steam Account Checker Poisoned with Infostealer - SANS Internet Storm Center
Detected Hints/Tags/Attributes 29/2/23
Source URLs
Redirection Url
Details Source https://isc.sans.edu/diary/rss/31420
URL Provider
Details Provider Source level domain
Details sans.edu isc.sans.edu
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 142 SANS Internet Storm Center, InfoCON: green https://isc.sans.edu/rssfeed_full.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 6 
checker.py
Details Domain 19 
base64dump.py
Details Domain 28 
subprocess.run
Details Domain 2 
gruppe.py
Details Domain 1 
dieserbenni.ru
Details Domain 8 
response.read
Details Domain 4127 
github.com
Details Domain 2 
store.steampowered.com
Details Domain 425 
isc.sans.edu
Details File 7 
checker.py
Details File 18 
base64dump.py
Details File 123 
os.sys
Details File 2125 
cmd.exe
Details File 31 
sys.exe
Details File 1 
'gruppe.py
Details File 2 
exodus.exe
Details Github username 1 
adexcedaom
Details Url 1 
https://dieserbenni.ru/paste?repo=steam-account-checker').text.replace('<pre>','').replace
Details Url 1 
https://dieserbenni.ru/app.asar
Details Url 1 
https://dieserbenni.ru/delivery.
Details Url 1 
https://store.steampowered.com
Details Url 1 
https://github.com/adexcedaom/steam-account-checker
Details Url 1 
https://isc.sans.edu/diary/python