diff --git a/yml/3rd_party/valve/vstdlib_s64.yml b/yml/3rd_party/valve/vstdlib_s64.yml
new file mode 100644
index 0000000..df431d4
--- /dev/null
+++ b/yml/3rd_party/valve/vstdlib_s64.yml
@@ -0,0 +1,28 @@
+---
+Name: vstdlib_s64.dll
+Author: Still Hsu
+Created: 2024-09-24
+Vendor: Valve
+ExpectedLocations:
+- '%PROGRAMFILES%\Steam'
+VulnerableExecutables:
+- Path: '%PROGRAMFILES%\Steam\steamerrorreporter64.exe'
+ Type: Sideloading
+ ExpectedVersionInformation:
+ - FileDescription: steamerrorreporter.exe
+ InternalName: steamerrorreporter.exe
+ OriginalFilename: steamerrorreporter.exe
+ ProductName: Steam
+ ExpectedSignatureInformation:
+ - Subject: CN=Valve Corp., O=Valve Corp., L=Bellevue, S=Washington, C=US
+ Issuer: CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA, O="DigiCert, Inc.", C=US
+ Type: Authenticode
+ SHA256:
+ - 0a0c09753b5103e86e32c2d8086dd1399f0d97a00e1525ec9c390067cdb242ba
+Resources:
+ - https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-09-19-IOCs-for-file-downloader-to-Lumma-Stealer.txt
+ - https://twitter.com/Unit42_Intel/status/1837137726409158770
+Acknowledgements:
+ - Name: Unit 42
+ Twitter: '@Unit42_Intel'
+
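Review bot: The `Issuer` in `ExpectedSignatureInformation` names `DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA`, which by its name issues timestamp countersignature certificates, so it is probably not the issuer of the `CN=Valve Corp.` Authenticode signer certificate given as `Subject`. If the value was copied from the countersignature, a signature check built from this entry would compare the signer against the wrong chain element and could misjudge both the genuine binary and a replaced one. Confirm against the signer certificate of the legitimate file and correct the line, e.g. `Issuer: <issuer DN of the Valve Corp. code-signing certificate>` (placeholder, to be filled from the verified file). Block nesting is not visible in this view, so also confirm that the signature block and `SHA256` sit under the `steamerrorreporter64.exe` item as intended.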