IOC Radar
TLP:WHITE19 IOCs

Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk

SE
Securelist
Published June 16, 2026Original Report

Threat Actors

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYPlayINFRASTRUCTUREhttp://202.144.192.29…http://120.48.156.17/…http://202.144.192.29CAPABILITYLummaPlayVidarVICTIMunknown
Adversary(1)
Infrastructure(6)
Capability(3)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise19

TypeIndicatorConfidenceScoreFirst Seen
URLhttp://202.144.192.29/audit.php
exploitintel-blogmalware
High
58
Jun 17, 26
MD5fe1f6485013cd5e6d5cf718049b0b8d6
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
URLhttp://120.48.156.17/ey.php?ka=user1&amp;id</a></li>
exploitintel-blogmalware
High
58
Jun 17, 26
MD50f4f01c6d495abb37403072dd017ce8d
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD5ded08ae5df7f1b12e5fdb767dbbed0b1
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD520965254e29104986e11939decd39549
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
URLhttp://202.144.192.29
exploitintel-blogmalware
High
58
Jun 17, 26
MD595856f2ce428c728d9781d3296558068
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD5af080780cca2acd1d082ce01e7cc346a
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
URLhttp://120.48.156.17/ey.php.
aptespionageintel-blog
High
58
Jun 17, 26
MD55620f01284329f561b1839a36be55355
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD574414ed4b63aadec039b603c32762b80
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
URLhttp://120.48.156.17
aptespionageintel-blog
High
58
Jun 17, 26
MD5d1693bbff456ae8fa3360446706df6da
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD518dedc0009f0927cba6425c84cce9883
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
URLhttp://202.144.192.29/download2/Themes2.zip
exploitintel-blogmalware
High
58
Jun 17, 26
MD58c2cc585ad8a13a72a704c0fda0c9854
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD5b9fa763a53da3eea742d0f3c845a8c09
exploitfile-hashintel-blog
Medium
53
Jun 17, 26
MD5c133c3dd9f7d6934598025047df41abf
exploitfile-hashintel-blog
Medium
53
Jun 17, 26

IOC Relationship Graph

IOC Relationship Graph19 total IOCs
URLMD5
MD513URL6Actors1Malware3REPORTDozens of malicious wallpaPlayLummaPlayVidar
scroll to zoom · drag to pan · click IOC to open