About “Steam (PUA)” infection

Steam (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Steam (PUA) virus do?

  • Executable code extraction
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to identify Steam (PUA)?


File Info:

crc32: CFADD2DA
md5: 5e13db6539d490310e2c5ccdc19841d4
name: 5E13DB6539D490310E2C5CCDC19841D4.mlw
sha1: 7294a51bd06db768807ad6c33392f3b61bc0b447
sha256: 5adcb64d7659c974fa0f4582d08564c3cef79b8fce1de52bc780211e3ecf2e44
sha512: 24af7559b3dc3a1cf549dcd954661d10c3a3b6445fc50adf9cb58af9ce5b3571a9b2cf57127f208c66c51b00afa472d2010d6ecdc504015781bf2607d0b2362c
ssdeep: 24576:6jGlwRzEvy3ahE6lptMyDbztYjmdw2GrZQAE:64Ugvy3a9ntMynztY52GrZQAE
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: *!ReLOADeD!*
InternalName: steam_api
FileVersion: 2,9,0,0
CompanyName: *!ReLOADeD!*
ProductName: Steam API
ProductVersion: 2,9,0,0
FileDescription: Steam API
OriginalFilename: steam_api
Translation: 0x0409 0x04b0

Steam (PUA) also known as:

Bkav: W32.AIDetectVM.malware1
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Occamy
Cylance: Unsafe
Sangfor: Malware
CrowdStrike: win/malicious_confidence_60% (D)
Alibaba: HackTool:Win32/Crack.088e8f33
K7GW: Trojan ( 00563cb01 )
K7AntiVirus: Trojan ( 00563cb01 )
Cyren: W32/S-7034927e!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/HackTool.Crack.CS potentially unsafe
Avast: FileRepMalware [PUP]
Sophos: Steam (PUA)
Comodo: Malware@#1szaqyprvf64d
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: HT_CRACK_GA270789.UVPM
McAfee-GW-Edition: BehavesLike.Win32.CrackReloaded.cc
FireEye: Generic.mg.5e13db6539d49031
Emsisoft: Application.GameHack (A)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.fxdj
Antiy-AVL: Trojan/Win32.SGeneric
Microsoft: PUA:Win32/Presenoker
Gridinsoft: Crack.Win32.GameHack.dd!n
AegisLab: Riskware.Win32.Crack.1!c
McAfee: Crack-Reloaded
VBA32: Trojan.Occamy
Malwarebytes: Malware.Heuristic.1001
Panda: Trj/CI.A
TrendMicro-HouseCall: HT_CRACK_GA270789.UVPM
Rising: Trojan.Generic@ML.93 (RDMK:XBEljp8HO78yKCaIQbg3xA)
Yandex: PUP.Crack!PMJOhs4LLEg
Ikarus: PUA.HackTool.Steam
Fortinet: Riskware/Crack
AVG: FileRepMalware [PUP]

How to remove Steam (PUA)?

Steam (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.