» SteamUsernameScraper.exe
Overview
Analysis
File Details
Network (1)

SteamUsernameScraper.exe

SteamComboList

The executable SteamUsernameScraper.exe has been detected as malware by 23 anti-virus scanners.

File name:

Product:

SteamComboList

Version:

1.0.0.0

MD5:

39ee7e325783d93a8157346f5a6992f3

SHA-1:

7d4f4dec2c14410e3f1b7188466bbe905036d66e

SHA-256:

11b36ef3ea0ec6aced5a91ca03d3f1202c510bd3280bbd7b2aa8f53464f2b0dd

Scanner detections:

23 / 68

Status:

Malware

Analysis date:

4/25/2024 10:07:14 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.8762223

856

Agnitum Outpost

Trojan.Badur

7.1.1

Avira AntiVirus

TR/Rogue.8762223

7.11.171.22

avast!

Win32:Malware-gen

2014.9-141002

Baidu Antivirus

Trojan.Win32.Badur

4.0.3.14102

Bitdefender

Trojan.Generic.8762223

1.0.20.1375

Bkav FE

W32.Clodafc.Trojan

1.3.0.4959

Comodo Security

UnclassifiedMalware

19436

Emsisoft Anti-Malware

Trojan.Generic.8762223

8.14.10.02.04

ESET NOD32

MSIL/Packed.Confuser (variant)

8.10377

Fortinet FortiGate

W32/Badur.OHV!tr

10/2/2014

F-Secure

Trojan.Generic.8762223

11.2014-02-10_5

G Data

Trojan.Generic.8762223

14.10.24

IKARUS anti.virus

Backdoor.Win32.DarkKomet

t3scan.1.7.5.0

Kaspersky

Trojan.Win32.Badur

14.0.0.3164

McAfee

Artemis!39EE7E325783

5600.6990

MicroWorld eScan

Trojan.Generic.8762223

15.0.0.825

NANO AntiVirus

Trojan.Win32.Click2.cxfbox

0.28.2.61942

Norman

Suspicious_Gen4.CJSWA

11.20141002

nProtect

Trojan.Generic.8762223

14.09.05.01

Panda Antivirus

Trj/CI.A

14.10.02.04

Rising Antivirus

PE:Trojan.Win32.Generic.14BD2DA7!347942311

23.00.65.14930

VIPRE Antivirus

Trojan.Win32.Generic

32868

File size:

842 KB (862,208 bytes)

Product version:

1.0.0.0

Original file name:

SteamUsernameScraper.exe

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

1/5/2013 6:13:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:GTKaBbbApkhglFNzJ55jhUgk6B7d+vN6g/giVWcAadstILqXNLqSokIe:XGbbQIglX5jhBgAaqXNLWkIe

Entry address:

0x8000E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

504.5 KB (516,608 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to ec2-54-72-9-51.eu-west-1.compute.amazonaws.com (54.72.9.51:80)

Remove SteamUsernameScraper.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.