6941f4998c8d31028e70cf62c5052999b1a15ee2d615f4eee31173d68cfa60b3

Sharing

Copy URL

Twitter E-mail

General

Target

universe-sandbox-setup.exe
Size

33.8MB
Sample

240701-r57ygaxcld
MD5

1955d19622a549c526711c2204e6998d
SHA1

b16fc993d973977d03387b1949bfe04db5fc2f2d
SHA256

6941f4998c8d31028e70cf62c5052999b1a15ee2d615f4eee31173d68cfa60b3
SHA512

3305389495c3e60fd7cfaf9a09d4eb1c5b478ca10d02170f927ff5970b02b9c5c6d1502e24a1e10682721b21e9e22409302bf83f11dcf6acd5294e66a5ed2f71
SSDEEP

786432:DBWvAHYcdGmvCIZQtD0FzHbO38gE2nU+d+ehaA+1Ibty/NR1U:DBWIHmPIMIHbOs+n/dp+1uw/W

Score

7^/10

Malware Config

Targets

- Target
  
  universe-sandbox-setup.exe
- Size
  
  33.8MB
- MD5
  
  1955d19622a549c526711c2204e6998d
- SHA1
  
  b16fc993d973977d03387b1949bfe04db5fc2f2d
- SHA256
  
  6941f4998c8d31028e70cf62c5052999b1a15ee2d615f4eee31173d68cfa60b3
- SHA512
  
  3305389495c3e60fd7cfaf9a09d4eb1c5b478ca10d02170f927ff5970b02b9c5c6d1502e24a1e10682721b21e9e22409302bf83f11dcf6acd5294e66a5ed2f71
- SSDEEP
  
  786432:DBWvAHYcdGmvCIZQtD0FzHbO38gE2nU+d+ehaA+1Ibty/NR1U:DBWIHmPIMIHbOs+n/dp+1uw/W
Score

7^/10

paypal discovery phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Detected potential entity reuse from brand paypal.
  phishing paypal
behavioral1
- Target
  
  Help/quickreference.htm
- Size
  
  3KB
- MD5
  
  4be3ccea32d7a7730e6ff9c30fc17957
- SHA1
  
  a5507f7261fb3b8ac33583c7eb6f5c3630527c82
- SHA256
  
  b8b60ea31f939c3d2e7dffd72e654f942fc3a5badd06c66720f7bf6632f1472e
- SHA512
  
  a96c7fe40fc98037f60ba9f1f3182cb2a1a33ae5b8e81c62646ae93252451e910d7b6a090f15aa4b902b87aff2385f29e602058f2048b70cddce3fdf60f4c4b6
Score

4^/10
behavioral2
- Target
  
  Help/savesystem.htm
- Size
  
  1KB
- MD5
  
  aabbab99de49ea60be12d40ad0f2c062
- SHA1
  
  53bc7c413bcc77f5ac9b4056911b180d6d887159
- SHA256
  
  da32f1ef0fdf2602cd91ee02c36679bda706b20ccdd7d3ca3dfed56ccd380689
- SHA512
  
  e3313864802419802d8e74823ff144a12361e4b0528931e26be440dcbec7a38bfb8b0a04f16ab89debe4048755b4e30dffcc57bed47b39a301b31c4acc70e107
Score

4^/10
behavioral3
- Target
  
  Help/settings.htm
- Size
  
  1KB
- MD5
  
  038c3c00ef5841f865c19736bda33e8d
- SHA1
  
  c07476c1f5587fabfcfaf837c445096751df4983
- SHA256
  
  8cc02f284cb881287275c9d7018696e30205d6e3037f65bd209a2d5cccda7919
- SHA512
  
  7f3e33c6246035f2d0c851281b8747eba268d32e1a56965d73df283d0e770ed2b265dd57696ca16c2b46fa716bf95cf8da633306a91e473111300a2937e17f76
Score

4^/10
behavioral4
- Target
  
  Help/speedissues.htm
- Size
  
  2KB
- MD5
  
  c39de6ba96a5dd4cbd4aaa7881dc01fb
- SHA1
  
  917132a1ea95e0a5fc6735ae48f81d92cb0e31ce
- SHA256
  
  66d2e00ad79cf575247b477c662cdf18937aa60b9f3dacc305c1fa9c98ab3daf
- SHA512
  
  e6231aa5de0a0af2f41a6a12f1f1f100b05c2706e5b5a09b03c7d24de51522ec05d1b6e2750266ea9aceb1f9bd2605545d758ec4a59d1695c19879974b76c40e
Score

4^/10
behavioral5
- Target
  
  Help/trialexpired.htm
- Size
  
  7KB
- MD5
  
  6c0d854a825258ccc27eb393f4dcd681
- SHA1
  
  a8374a28813f9e104716f5bd507c21a4b2021f11
- SHA256
  
  2230d48d73aa03e5b3aa44f7f24b2c8f9ca9401ff61219c271b567776ac1b754
- SHA512
  
  01d827ab11492402420f4d34e4d4af168d60e739fc624bbb88b9affd60e2d52c8e78fa6edca0da321009a51f03bc78d11b6c1981ab860f52983c9da9a353be29
- SSDEEP
  
  192:SIFSgFPJ4ZVkWUeLpTyQHRldGhvnOSir9Qm:SI/28L43
Score

4^/10
behavioral6
- Target
  
  Help/trialextexpired.htm
- Size
  
  7KB
- MD5
  
  b9df80ff40cde88d81bde0e59b2e8f9a
- SHA1
  
  abb4bfa0c2ce4bc19aad8dd3a1463117bba6ab84
- SHA256
  
  7d834701f29894030541be0f8f7ae01e8bd9097515872782176f31578dc60405
- SHA512
  
  b32efb1173f60bbc82983bbf9031b63f92600ef723a578d17232bbea3aee4494536ab28679c1e8a72e88d231c01c35a7695c4c06699431c3feebe50bf6bfd05b
- SSDEEP
  
  192:SI5xkFPJ4ZVkWUeLpTyQHRldGhvnOSir9Qi:SIU28L4H
Score

4^/10
behavioral7
- Target
  
  Help/trialhalfover.htm
- Size
  
  7KB
- MD5
  
  fb33f184ae3ed2107160e7d2dbebade1
- SHA1
  
  a0ce3f017ffb4c4e3ac8108a40e3a86e8fa67528
- SHA256
  
  539bb2166572b33f07a62cd9457bedde012ccd0e4e824e18df7f6540ce07fa3f
- SHA512
  
  0573309be9768de6228fc58a59e36a28e4343a9ccafa0d774a1fdcc14e43ae6035d1d69bcd3fe62d289a056cd431b2e5191186eac017243b7c55dd14b1ac2b68
- SSDEEP
  
  192:SI8S3FPJ4ZVkWUeLpTyQHRldGhvnOSir9QE:SIV28L4J
Score

4^/10
behavioral8
- Target
  
  Help/trialinfo.htm
- Size
  
  7KB
- MD5
  
  2ea74d514d0d524f55262b3baffcd448
- SHA1
  
  5800e380802c2e60bde68a2e609e8991f9448552
- SHA256
  
  47bb40f3c60c5c8ad44f59f8ff39c9dd0fb7c8ca6174e8e504edc9cde33f297f
- SHA512
  
  15dce74d5ed8041101c46abc36d232e454bc6e4189367b3823ccb0501c93d28dd20fa05fd506db1e4fe65a9c92a3d238425471ffa81dd56aff0b02ecdd8fad22
- SSDEEP
  
  192:SIG0FPJ4ZVkWUeLpTyQHRldGhvnOSir9Qi:SI128L41
Score

4^/10
behavioral9
- Target
  
  Help/welcome.htm
- Size
  
  1KB
- MD5
  
  5a8310ca702edc462cbd58450b4d3468
- SHA1
  
  ba138c0953276d6b9762d6e6f5618f9900e2fdff
- SHA256
  
  4d3f7df3877d350e412924a294d3329f7330f9d0ab1d2437fe90d62d8cbc6209
- SHA512
  
  f6b0716efd8a0f818cac60cf3d266d919c00328ebafa63ff49e674beeb51e03b86cb13a76012b0a7f3eb75f0e50ad6bd0de2dc9194a8a80118a4dfba7408ad30
Score

4^/10
behavioral10
- Target
  
  Help/welcomeback.htm
- Size
  
  1KB
- MD5
  
  cb7bd08e4cb4eec6838aa20b97c7968f
- SHA1
  
  acb39c036d715efd7655dc9184f258020769d89c
- SHA256
  
  8879c8bd9b59bcf1cdd81b35e4b100eadf78ba232e7375ade0820312ad568374
- SHA512
  
  c07164154e1d069630670be9e027325e335a9ef6134d46c8319e4f878a0ba96c695417f9e392be21faef02046f86588e30461ea877ee0490a9487cc587b8d0a9
Score

4^/10
behavioral11
- Target
  
  Help/whatsnew.html
- Size
  
  53KB
- MD5
  
  ae4669c9c3a0d9135ab5012278b61939
- SHA1
  
  40f14da16efd29a9bebedafa8042107cd72b8d6c
- SHA256
  
  a8cd436578b09315337f77967278dbc0738f98b926d3c72ad0088d866d17212f
- SHA512
  
  a345bf6ca77bcc45c285d4bb40a199da088de5529ea36e0da7298bab1b777518c1998eddc68be724ea1a6d308ccb978a04172ea28acaa35d5d06e1e1342e7bcf
- SSDEEP
  
  768:pAX4C7OeYfCgxAKWSUCHwDB78FpPo/nyFQhj3rJ9vA05vwJyP7i:pAIC7OjxHSB7oNnFYPJ20lwJyP7i
Score

4^/10
behavioral12
- Target
  
  Ionic.Zip.Reduced.dll
- Size
  
  192KB
- MD5
  
  4bc812651a45cd28867d6f5cc3543248
- SHA1
  
  6b2f72ea27c47fb465e5036893218eec0ad1161c
- SHA256
  
  1f23b0b063e0f62bf8ab7c9c0fd9fc867db5e1df2300ecc4522ac6bd0d240d00
- SHA512
  
  71b629e1a5b5baf7cc665f3809090a0bea93553015868bc9a2b68bb84fd15ea74c8f6716c9fa1a7c550f173430eb8368015761af13d323bae0351d4a3a9dfab1
- SSDEEP
  
  3072:MJjxUGKK697FCHDEwlkyV0uMcbwIlfBXcjbLRBCUsHgYhj8f/7cSuy7eqItecID6:vR/gOoNcjbtBCUs1YFuQlC
Score

1^/10
behavioral13
- Target
  
  LibNoise.Xna.dll
- Size
  
  38KB
- MD5
  
  32fb9bcc11078e834b3daa0dc8ce198d
- SHA1
  
  11e3b2539932f65c6a55cfbdacbd082edb083f2e
- SHA256
  
  d0c398aab4ff5998b86532f48532f960d0db0690ce4659a154d120d0c85cf9e2
- SHA512
  
  989444eb4432e6c3b40d07293a5c6b11ce5f9a78a2fd5659c6cb642ce2269f5b091d096295d514c1c9bf2f0d97c9861d2c68e604505b38ddaf06e7ee13826325
- SSDEEP
  
  768:KbBw5O+oIsiQAnmepnxOm4s6zn1gEOtavyYOGGHlyLdcvzEGYZIbPDzAPk:FHsPAmOnxO7sSn1rvJGr7z9
Score

1^/10
behavioral14
- Target
  
  MTV3D65.dll
- Size
  
  3.5MB
- MD5
  
  b100b06a2ccbf4a012628fd660a329eb
- SHA1
  
  cde92ee81d618a4b0124de682218661baa7fbfe3
- SHA256
  
  46e1e0c46c9cbdada7072eb605f0b45f1b546613bf66a4327e85ba478ca3789c
- SHA512
  
  f5e1823a7a0f38a839409bcfc7a730ec8116a9a2b09f5abd41993517ed5166c799c18bb406aa98be4893ba0e9c16397cf5df2885c057abb102cdf606373843a1
- SSDEEP
  
  49152:ABPNXoo+tTzI5vBgeR3aKDBGnACMiUcCYlKxkAU:cgeRKKk5WHxkA
Score

1^/10
behavioral15
- Target
  
  Prerequisites/SetupUBOXAssociation.exe
- Size
  
  19KB
- MD5
  
  b32b5ce3b48ff28a4f130fe0c4f80ec5
- SHA1
  
  011625d4882cc17220dccd4f8e2eb17c5c236b70
- SHA256
  
  8f6ecc3ddb094839b4fe92d5ac8990dd3a74eabc9e71c825f27479a026611db0
- SHA512
  
  f99f9a9ba3c99e7c7fcb411e1423d47a4d9665ea4109cb1849cfe0fd2c92697317a7e8b3385c3998d9dcd283a63d8f74c6eed1d6f44acdca19a8cb2b8bee43b2
- SSDEEP
  
  384:Vz0cidFoBQu5VuDXy4MWINTD0b4+7KES:50c8FoBhHYY/
Score

1^/10
behavioral16
- Target
  
  Prerequisites/UpdateFix.exe
- Size
  
  18KB
- MD5
  
  9f2b5dedd1396c4c9b39a9f78d7f0c5d
- SHA1
  
  b14f878154561211a39246590b7f56b5331331f4
- SHA256
  
  e38a44e23afe61b18340780fc5ee0e1e80c41c6fdb9152c838163b396d9b18e5
- SHA512
  
  d0327219556572a06659974065e2587f7a2ca70ca32a7758b2ee223b33acdff62832935318cde9f8dd9cdecbb98525bb1e336d692e7fba8059de78cbf5ab01d2
- SSDEEP
  
  192:tNuLuK/7xWg58KWO4qchDZmaLKnloYU45KktIhfjohHpv8kbHeEPWN8:tNGL/tWg5820xLf453QfjSt8kb+qWN
Score

1^/10
behavioral17
- Target
  
  SlimDX.dll
- Size
  
  3.2MB
- MD5
  
  1129265c56cb12904532f31f713ea0fc
- SHA1
  
  bdfd856b802fa5093b01700957c3736784d7f3ab
- SHA256
  
  a64c8fc2cfb860f7fa76d42942ebfe576a0d401f26ade70b55f9f2f7008409e0
- SHA512
  
  fa8d0b31ac0aa99664e661d6eec6be7fcb7f6c747354980e26a6b86b69c4d8082223c4a1c313ff1e9de3c8ad68d32b4bc72e2e93f4af1c74038eef0ff42b2a79
- SSDEEP
  
  49152:da5AiH6nw9P3rTfgCNfUMQCH8YgWXHeg/SJKFQx2rW6VZcmjTpHVTAlSXw5gELx/:zIrL/e
Score

1^/10
behavioral18
- Target
  
  Squid.dll
- Size
  
  101KB
- MD5
  
  498720e9b4e27dc1098e47513e4c0776
- SHA1
  
  11ee6e84bc167cfcd2095a114ad0a233276ad7c9
- SHA256
  
  7a5002c46de6c3b54ac8c6c63ae6a20c6f4301c85c9391ba8b09510012225d54
- SHA512
  
  8bac5db90afd93630da9a5120165cbb38fdc16d68f3da933f27cb795adbc1a55131e2794fd74f4506b5188696cd264db5b24ea2071cdded08351490144a04442
- SSDEEP
  
  3072:WYePe172ZVKRzzhRcm0elX49uieYZVssne8dAxPFeCf7hwpNq+vKWoIuf2IqDkIU:WYePeN2XazzhRcjelX49ui/ZVssne8dm
Score

1^/10
behavioral19
- Target
  
  TV3D65.dll
- Size
  
  3.7MB
- MD5
  
  8d97835df59eac872d2211c6f7714883
- SHA1
  
  130fba10b41f3ac817dac4f04e5fa085198038c4
- SHA256
  
  6ff85701fda2a3bda6ef7abd8e907368e846e99546847606833f3bcd7df69463
- SHA512
  
  e522feeafc39df8f5a20c1c9a1b4dc50d876153b7a003d828f5d66beb9b176e1cb9ae9b1d187c0cda46e5b0a130b992ceecf558a4ce09c80c607dbe282798b8d
- SSDEEP
  
  49152:8glyeW1TO36Ip0YBmjvkSHe89F4NiUTyj/wMqze:qH1T5S/FHfze
Score

1^/10
behavioral20
- Target
  
  TurboActivate.dll
- Size
  
  654KB
- MD5
  
  38884fa73e0b948c2dfffd83a67f263c
- SHA1
  
  0a40647b4f7b586c0ecac0e89f94baccb9388f0d
- SHA256
  
  ed0684eb523065884ffa3ce8f6690fbdd6792d423061cc099bcee3bdb17b8af4
- SHA512
  
  80a4632a1ae540ff29f2106cceff0fe2f14d56828544a758513c7a7c3574a73ac23046e0fc475eed2a8aa50417fe79d65ed5b3db96b3f43168a788da4a0adb3c
- SSDEEP
  
  12288:Ukqq4yOSV+OeO+OeNhBBhhBB3+43twbG9usDQQxTP6F59xcznfSafoYx:Ukq5yOSE+43tt9XQQxrq9On1foYx
Score

1^/10
behavioral21
- Target
  
  Universe Sandbox.exe
- Size
  
  1.9MB
- MD5
  
  83bfd3adf6b7ed7fa018f61351e5cdc9
- SHA1
  
  f0bf32a5d2e2112077f6d8ff8cf07351f354b6dc
- SHA256
  
  db171e69a86dc7bf878f0075a01a7c45265de3009d777fcfa1c99b8d5f063598
- SHA512
  
  be68b9648e3bb7ca1f841eebf9dd8149a10ea9cc238d8fc23add19b5f0adaff2e3f3672cd98c8ac139660938876ed6e5f5d5b32c2cfcaffd4a3a4cf2403ab7ae
- SSDEEP
  
  24576:RuLAdyvN2CfPiTjY10+lwrRWMwwzc5QrHNrcWIZ3/NxRmuPbCF:RMAdyl2CXivrWTmc5QBsNNxEEOF
Score

6^/10
- Drops desktop.ini file(s)
behavioral22
- Target
  
  WiimoteLib.dll
- Size
  
  29KB
- MD5
  
  2394ef36cbbd3ea291da6f2e4131a5d5
- SHA1
  
  9f486ef8436f3dfd46bfbdc03491acebcec1a80f
- SHA256
  
  97fc68c0161aec26599ba5995327e85cec957551fbc5da24340aa959b8218f5d
- SHA512
  
  866f0ae210b5a6ce0b6ea92c07db22a909036d831a6bc5edcbca7c30393a34a00784fc73afefad0efdb517cc64677decc6c1fea74d413fec1ab5c8d2ef11e7ed
- SSDEEP
  
  768:lQf+egS42CIdEIhP3dklSVikSCkryiUu34ssw6Whuv1bZoJ6e9Yc/:iVgSFCIdEIhP3bikSCkrydL1loKc/
Score

1^/10
behavioral23
- Target
  
  converter.exe
- Size
  
  116KB
- MD5
  
  f975473b7488b47cba69e70402aa23f6
- SHA1
  
  cd5715bfed924cc5dec651a4e5138c66c80fd024
- SHA256
  
  ae19a701a5494f0a98a6486aa7ae2eb73d15bdd178cfb376390015318ff521c8
- SHA512
  
  950b74f5f62678c28419c987a67dfc9bd67db47febbd81de2887af2d1ff451e2a115d4d011653ab24707555d857847628ce1f9c4e37d950066a5f70e963d4d3f
- SSDEEP
  
  3072:utqPUbIH9bIFLQ44QsKJ3k9eQ1dGV/VZEm9nlhpyH:rPUbS9ULQ4UKJ09eQ1dM/VZPQH
Score

1^/10
behavioral24
- Target
  
  d3dx9_31.dll
- Size
  
  2.3MB
- MD5
  
  797e24743937d67d69f28f2cf5052ee8
- SHA1
  
  7d39afbf94675487a9ff7e41d2dbb8daedf7ad00
- SHA256
  
  e2065619fe6eb0034833b1dc0369deb4a6edc3110e38a1132eeafcf430c578a5
- SHA512
  
  8804d0d95688a932c7bf7e1a023179de8df3a5436e356b36d803cb9781f3a378adb9fe69d03b28362755b808cbeb2cc718ab920672270de0b954996996328f5e
- SSDEEP
  
  49152:9UIXU56pbC6gU8DJpHJLfdrKF322i0aGHhBoMWMNPbSVjeZgxl:OsU56hMU8DJpHJLfdrKF32R0aOBoMWcU
Score

3^/10
behavioral25
- Target
  
  d3dx9_36.dll
- Size
  
  3.6MB
- MD5
  
  44bfec5c9c82a2ee9871d88fd3b9a0e2
- SHA1
  
  e2aeb78330d0815cffedfe88438a71024577d4b6
- SHA256
  
  c12f0ab0338eb5031d3d04beaf7208ac848f7e037d21ff963d2af90221cbe935
- SHA512
  
  35c42ce3afeeb3710d3d96d2cf9ffa2828fe17f8d749fd149e3797e87e154508c77f637de0e424d38bb3fa56bca959cf9da7787323950ec8261b144c09ae306d
- SSDEEP
  
  98304:7DNlnYF7Rej1ppSPBCfDOFjb613xfScl1lraX1gPYZaAHc6:7nCRexpaCfDOFjb613xfScl1dQgPY26
Score

3^/10
behavioral26
- Target
  
  d3dx9_40.dll
- Size
  
  4.2MB
- MD5
  
  eea5e428ce63804f9b12d21c97b5968f
- SHA1
  
  77a7f48f4bdb7e66ed5e524bb8879e3da0d6cd1d
- SHA256
  
  16fd909aeb68d0d1aca8529dc7f78880b97d6649d70ce8d03a2c858bc28e216b
- SHA512
  
  545518dabd82441ddfc17fe1c1cbd7d14603bb58130de1307a31f73b93ca42afdf25dfcf481f0383c4e039edfe4a88ae7b84b06a2850c29bbc3550114e499c73
- SSDEEP
  
  98304:E6EoQ715V9VRhAuR9ClDt2iHbEsX0sycGoKO0nceqyaWd2U:/Qp5VUuR9ClDt2iHbEsX0s6LO5Wd
Score

3^/10
behavioral27
- Target
  
  d3dx9_42.dll
- Size
  
  1.8MB
- MD5
  
  c6a44fc3cf2f5801561804272217b14d
- SHA1
  
  a173e7007e0f522d47eb97068df0ca43563b22bc
- SHA256
  
  f8b9cfab7fffbc8f98e41aa439d72921dc180634a1febca2a9d41a0df35d3472
- SHA512
  
  2371844bc86cdce2d1933625b921b982c4d1b84a39698b51180b09a2d45732407d721fa01d294ca92a88777607a1bb00283f6bcdd4231137a388216d0b09dd5a
- SSDEEP
  
  49152:E8kmV+RIMtAO1r5EHT7SPy/OsXEKWtElmrAtmguohFR:E8k8+RIMtAO1r5EHT7SPy/XXtlmrAAgd
Score

3^/10
behavioral28
- Target
  
  msvcr71.dll
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10
behavioral29
- Target
  
  t2embed.dll
- Size
  
  117KB
- MD5
  
  7f998e16c6139ac8cd52afd9b8d429b8
- SHA1
  
  a83a26d98a77c7d85e96e6445aad7335ba1c0f56
- SHA256
  
  5f9555fd6a359b6efc1d613fa72ccc36d9cd790b4c55bbaf21f4889aeea9deb2
- SHA512
  
  167ea077129fc926f2e180a652545b1eb4d436d994ddb80a6642d6c6e4d4a6df8f6dd7476f00e0ab212b93c675d82285d426eb34d75139b7159b3dd3e1418113
- SSDEEP
  
  3072:h6MhXBHN/jqaD/cTSfwExbKCrH60jykI4Jjx:1HNuU/nWCrakI
Score

1^/10
behavioral30
- Target
  
  uninstall.exe
- Size
  
  124KB
- MD5
  
  a00d787559edc03a41377ec5a1454272
- SHA1
  
  a716733e418b66fb437b2e9cff3a470ea833e1e8
- SHA256
  
  e0e06b32171ca2986b79455664e8551a568dc2453aab4ac9083c6c22038d1865
- SHA512
  
  e2c56e1e6075864edea48d7f749fddb021d08d9c6d7bdf5c9c0a140a656b4e45ef25da2cdae3b6378ed55f9196ce93f9fe0ea284b2941a47f816d33f7cd1b5a0
- SSDEEP
  
  1536:ZpgpHzb9dZVX9fHMvG0D3XJ7+THrrrektNlskw2rcmfnW+dDFA2HN:TgXdZt9P6D3XJatoktrcmfnW+JF3
Score

3^/10
behavioral31
- Target
  
  update.exe
- Size
  
  434KB
- MD5
  
  37c753d5ab2dba14e7b7e1dc56b87c27
- SHA1
  
  d6dfd70d391c4814ce8c4f2e8bf0c41e7deed1ee
- SHA256
  
  aa71c676499260ed07b6b0e54aff155ad8e46b49aee933e90b5ff4dd098aadb6
- SHA512
  
  0c96bfad6192c6a6d652ff7d4bd93bb13d7fd27e6ccc9a6200c235c833e5340d8e6d8f10937396a9c39b06dbb41a27348d031d55e3b8baa50cdcacaaffff41db
- SSDEEP
  
  6144:YFnJRm+efxgsQWc2m8snsIa9rRLKX5Z1BfZ9e58UoEFXtf79VMUHZZgBRflKXB:YFnXmrsWcRIKf1sNo+gUHZmVsR
Score

1^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops desktop.ini file(s)

Detected potential entity reuse from brand paypal.

Drops desktop.ini file(s)

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32