Interesting analysis of Steam Malware from a Redditor

  • 19 August 2015
  • 1 reply

Userlevel 3
Badge +10
Hi all,
If you use Steam you may have seen dodgy links being pushed on you. In this case a bad Steam link downloads an SCR file.
.SCR was originally a Screensaver file extension but it has been increasingly used in recent times to hide Malware. Here in Webroot's Threat team we see .SCR Malware all the time.
If anyone wants to peek a little bit into the kinds of things done in Malware analysis there is a good post on Reddit (/r/Malware)  from a few days ago where one of these malicious files is deconstructed.
When I read about this I checked this file on our Threat Intelligence Network and it was first seen Aug 16 at 18:14 and thankfully marked bad right away. This is because we had rules in place since Nov 6th 2014 that would have kept our customers covered.
Stay safe!
Webroot's Threat Team

1 reply

Userlevel 2
Only one hit on VirusTotal when that post was made?
It's nice to know we were one of the first to catch this.