fbe07d1afd27ab353daa2afacc2de87d8f5ec69f64bbd9246f31ebfe1731de9b

Sharing

Copy URL

Twitter E-mail

General

Target

pcsx2-v1.6.0-windows-32bit-installer.exe
Size

6.9MB
Sample

240125-2qba3ahhbl
MD5

c6afd2ff3059b840ee2fb939694efafb
SHA1

405c4d526ac498fd61658d94f24426afa8ac4525
SHA256

fbe07d1afd27ab353daa2afacc2de87d8f5ec69f64bbd9246f31ebfe1731de9b
SHA512

d0cac8e24d83662d16df3a952cb5853f4e4d1ba5a4d78b274cde1131945fbabbbd1f2c10cfcd416a9dcb466b97ec07edac2acebcb6dc3c3b4d6927f5e6d064db
SSDEEP

196608:LrjpHpHPhXOQi7IGJEfB6+x5McQTVNy6Tp93cfw0acIVa:bpJHV4TEf4+XqVX9Vcf6A

Score

7^/10

Malware Config

Targets

- Target
  
  pcsx2-v1.6.0-windows-32bit-installer.exe
- Size
  
  6.9MB
- MD5
  
  c6afd2ff3059b840ee2fb939694efafb
- SHA1
  
  405c4d526ac498fd61658d94f24426afa8ac4525
- SHA256
  
  fbe07d1afd27ab353daa2afacc2de87d8f5ec69f64bbd9246f31ebfe1731de9b
- SHA512
  
  d0cac8e24d83662d16df3a952cb5853f4e4d1ba5a4d78b274cde1131945fbabbbd1f2c10cfcd416a9dcb466b97ec07edac2acebcb6dc3c3b4d6927f5e6d064db
- SSDEEP
  
  196608:LrjpHpHPhXOQi7IGJEfB6+x5McQTVNy6Tp93cfw0acIVa:bpJHV4TEf4+XqVX9Vcf6A
Score

7^/10

discovery link pdf
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/pl_PL/pcsx2_Iconized.mo
- Size
  
  31KB
- MD5
  
  dbb32767f9c24e5aacf85977d40834ee
- SHA1
  
  d1a54669cfb65735e3b76c521387175aca68cc05
- SHA256
  
  7d5057132c0868cc5e3384c03957fdad6b93e967b26244b39288467d850c9574
- SHA512
  
  772b8f8176597a081c0720a783ae18b29becfa6b9e677cfd897572d97a7540b5365990e5fabf4c35117638119adc2df2e6a1a9b9b09d26d668f7bd639a1ad458
- SSDEEP
  
  768:JcrtLnpgStTXQ9rK1QVdMfLGYxLx5M9bpQVIcnD:JiLn3uZ4fkpQ1D
Score

3^/10
behavioral3 behavioral4
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/pl_PL/pcsx2_Main.mo
- Size
  
  60KB
- MD5
  
  7f0bf137f7986c356c7c17ac050a463f
- SHA1
  
  375b8d313325b8efa39a5d638dfc3d3a9aee08a2
- SHA256
  
  ec0f73e541e41a738c70830e85252a7529d8537199d0228b89fef21de7c7246d
- SHA512
  
  979ad5a3fb98034792bb261c4be113c5fd5086e8c56b592252e2b68b051bd6c3bba35870a5ece523e44780cf462ce28e45b91bae49d0f43ec3d3e1d0808c4206
- SSDEEP
  
  768:6CEVldBUysl/vNC9sYp8wQQaTEV3lkRJgRs5m62WEzVc6J6RV0c8QQxAc+EcE:6CEVDBHCpwzuaf5LJ6R6VxL+EcE
Score

3^/10
behavioral5 behavioral6
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/pt_BR/pcsx2_Iconized.mo
- Size
  
  31KB
- MD5
  
  dced21ef12a5a9e985600d8d5a8d27f5
- SHA1
  
  349b84f2f9364e75a3af72706c0e24d270d1daab
- SHA256
  
  a0d07f679ab17fcdc8ecc207823b560ef3b212353a5ebb34cc996dc89c1db6b7
- SHA512
  
  7f23cff4086051b587b3ef8647ba55791ebf06612e8a8e68bdaa206f863d2dac2d0b02667f739cc8a394adbe3d7750f33a6f00465485a523a6ff04b8b00a33c6
- SSDEEP
  
  768:0ZZtLnpgStTXQ9yK1QVdMHsCY4e35SxwEJR83lOgg38:87Ln3u9slXp1EJKOw
Score

3^/10
behavioral7 behavioral8
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/pt_BR/pcsx2_Main.mo
- Size
  
  61KB
- MD5
  
  4cf248a0167da5d5766a7c9ca62c310c
- SHA1
  
  c0d632d178a83a712e48e40366f719e49c796ee5
- SHA256
  
  3a96dc74b3500955a7e6c7742e89784c1a5783b6964eea7f5504bbab9659ad1a
- SHA512
  
  d533e8f8521aa00413eb4c45e7a63ff776552d0a996a0e86fa3cc75b741b4c3ea60393ef402e9b4e24741f2e3ecf3982171117a95dbb982f262c4bfa99050c83
- SSDEEP
  
  768:RYx+vbUdO/8Q/vgC9sYp8wQQaTEV34E8qUIkRVMqh4lZ+vZbD2dNoey29cR:RsaUcxkwz9yunY0dee39e
Score

3^/10
behavioral10 behavioral9
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/ru_RU/pcsx2_Iconized.mo
- Size
  
  40KB
- MD5
  
  9503827ef52f789b5070e37df99ad958
- SHA1
  
  9ddea0977e5ec7dd9241343de0b6127ea8890bd9
- SHA256
  
  7202230dd95c958b249d0ffdcde286d2374273943ca0bdc0039f7b0e1d59ab88
- SHA512
  
  0cd6915d5beb493b745743c67852c6b5d850ddced08f8f9c26e746e2e941c64aed2c68d24326ec98d32f874e3a66d911a6d575b3922129ee9e3739c73f9c9401
- SSDEEP
  
  768:PMZtLnpgSLTXQ9rK1QVdcxAzq299/oMtw0cUcDS43OTEqju7ejt5hFmjvO1:PM7Lndu+xAG23jw0cUcG4ewqju7CTmj4
Score

3^/10
behavioral11 behavioral12
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/ru_RU/pcsx2_Main.mo
- Size
  
  77KB
- MD5
  
  1be5fd0399942e27f5c16b9f8ab44529
- SHA1
  
  4cf7816c8658e1a755d6e72103cd0027050d749d
- SHA256
  
  6f367530bda9dece01d97b73f4eeed8a02d6da2feb621326e29cb4891246d5da
- SHA512
  
  ea5472975974102baff836340571ac4ec486e7af14d4497ef3660f120728c673567c32762a6375a495004e6c6910143f2bedd5093eafd3a2e0bf5ce6ffe0052c
- SSDEEP
  
  1536:rrlL9nZ0w4GHy+kR/jOKBxGLHtdAuvebp4mOuo:r11Oiy+UtfGLH3Auvebp4mpo
Score

3^/10
behavioral13 behavioral14
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/sv_SE/pcsx2_Iconized.mo
- Size
  
  27KB
- MD5
  
  185100f5f1d963ae9d069143c91bf028
- SHA1
  
  4dfea2b71797958a5e737b56d45ba4ba37dc7092
- SHA256
  
  d02dbd62fe81ad680c82d3daaf2c6fad27a601e20f2c4a6d3c82bad512324208
- SHA512
  
  255c373dcf7ea0450266745df31ff0278f1c058fa7925cd88000f889f60e2c6d0796e25df0ad70f3771102708906b73fa7afc11dd7c1734efcc421465f16da5f
- SSDEEP
  
  768:1+tLnpgStTA9rK1QVdM4xJhK5gg2bofeTN/ken:uLne5xJhWggQofw/kM
Score

3^/10
behavioral15 behavioral16
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/sv_SE/pcsx2_Main.mo
- Size
  
  57KB
- MD5
  
  68071ae3e83131665387682d21f72c32
- SHA1
  
  b402fee61e3a617d1d13b45fad0285712a08aa70
- SHA256
  
  bad98ae146b5981c7141ee76ce083318f963cc01bdfd663754acbdb2a89c912c
- SHA512
  
  4122c1e244ffb72c2e417cf9ee1f7efc2ba6ad5826dc4944a23e581b25de8b41b74b536c2664d1f04f00fc42088a7926ca200fbf1454150b1c07c253a3192690
- SSDEEP
  
  1536:Xd3dibMomHwzxKqfQXuRVc9RkplAVfm6Ni:XhdigUz9fYuRVc3kLAVfZNi
Score

3^/10
behavioral17 behavioral18
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/th_TH/pcsx2_Iconized.mo
- Size
  
  29KB
- MD5
  
  4c66d238885331ffbf3fea07da4f7fbc
- SHA1
  
  76cacb64580d5d5d747196581ced0d2b8ab9299a
- SHA256
  
  edaa2a55817fad24a33ae2a06f35bf3897b1ca00f58280429591edad04b2d08a
- SHA512
  
  0a26b024c388f4d02aa624195a1b359e1e686fa18df11a20bed0e763712cbfcfc1e8463f507c7872f35e2a4ab0731eb3c5218d6069d588d2f3433bcc8e2d856e
- SSDEEP
  
  768:J/1HWTKlmTQVdMCejjck7SmMOUDkpKtNpG61OYw+kKkJHK58lFFgBCgXHpIbVee1:P9XdFBI
Score

3^/10
behavioral19 behavioral20
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/th_TH/pcsx2_Main.mo
- Size
  
  70KB
- MD5
  
  3512308e7e98fc6ecf02323a4b9fa25e
- SHA1
  
  c03a20ee2750850377ae47ca1965bc2013d5cd50
- SHA256
  
  e980afbbb83e0595be0b52f802bb7af60e22874a2650fb81c2bb616b57912025
- SHA512
  
  bb81a1ee14a2d66575edf06f6902de67b1c9e156d6d5b49514b2b9cf4469fd1097c49cbc1d8c67ea3c565e42c4e734f0fc74d56ba3e9cf7bd05110ed5e50abed
- SSDEEP
  
  768:mWgR5zakTNu8hiPC9kYL6TC9nEVLXQqjk5QV5P5x8B9BXdd1pHLeFHtGeR7ja8Fi:mWgi0uX26rvyQcgL9ZCIesY
Score

3^/10
behavioral21 behavioral22
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/tr_TR/pcsx2_Iconized.mo
- Size
  
  32KB
- MD5
  
  6a1e6f15971b8f50b193b45199c23b1c
- SHA1
  
  9efc47dea23f9263a74ada7833eac25d90f36bfb
- SHA256
  
  f26b4bb09a2fff875ce71981893a704bba042dc116a9fec78481e61cbda66828
- SHA512
  
  0cbbdff2d0fa38282448f6feb1fd5b72a26dd8f24508e142e0015e5c614ab2eb1c1364b23224471ba193a630339b61aa92201094c74672f0a7773d4447d2e2f2
- SSDEEP
  
  768:J/qtLnpgStTXQ9rK1QVdMhKj1OxG1WpZ+pmO50S4PV:JwLn3uVjiZ+pyV
Score

3^/10
behavioral23 behavioral24
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/tr_TR/pcsx2_Main.mo
- Size
  
  60KB
- MD5
  
  5e9b0aae666773c378166e9264146c97
- SHA1
  
  f1ee57a9f3bfb2198ab90ddf31cc55607539647a
- SHA256
  
  9daf3b36a43514d73e77af2792ecc5dee0fd6a47b26c57b4b882586cb5fd550c
- SHA512
  
  c5e61dd1b79e357a9746dcaaa48f28a819fc19aef6703141cc9e7bed46ed914bcde30047cf17db64edba447f0ae63e724d4e8eda8502c81a503e736b8d9475a3
- SSDEEP
  
  768:7HmxN/aFf7Yui6zVSN/vNC92Yp8wQJaTEV3IL29zqDMFyJ24Z/KdwJ57BXrGDPIf:TmxN/aFf706BShDw4I8zql59aWB/
Score

3^/10
behavioral25 behavioral26
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/zh_CN/pcsx2_Iconized.mo
- Size
  
  20KB
- MD5
  
  bf817dc79f6d05f64658e5a5da69f918
- SHA1
  
  b11b3b6a8ecb62a4b9d477fcdc2a54a5bf6f9676
- SHA256
  
  7579130692c9d7fa73dca4a29f58338f8caf4f82664b79f82c251030d786e00d
- SHA512
  
  0d9bbff81ada796c31f7369f23ffbf2d48fb8f4035e24b9115679729a62daf29eac9cb77db35092483d573d760cee1ac05762cdc6df9768297bebde55e906309
- SSDEEP
  
  384:7lorPKxqGI+ZhdZj0l5R+LHRd3j5QVdOaQHhPyM4TCDeIwDNQm0DkFsuFm5XO:7lsPyK6TA9m1QVdMFyM2NIwkDkuuQO
Score

3^/10
behavioral27 behavioral28
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/zh_CN/pcsx2_Main.mo
- Size
  
  49KB
- MD5
  
  20df33b2b57c36d7ee8d458fba68a0ed
- SHA1
  
  bb9998141979a9bf909919be20d9d66c60366041
- SHA256
  
  bba73947d56197e9f8017ba4f054648a349e0e35474f50dc872fdf7e8fdeb5a5
- SHA512
  
  47be448adc22f4ad97a147e0fa130fb533b37b9d135c267aebf1b24aeeaf7c2fe712a39425ad268bedf89a8192ee4fdd77a339a884ea2990c7e771a5ef633898
- SSDEEP
  
  1536:SPkVLQwOl8Kq3Ofk9oNoVS68t79xJTRqubE:SEA8yoVS6IXT4Z
Score

3^/10
behavioral29 behavioral30
- Target
  
  $TEMP/PCSX2 1.6.0/Langs/zh_TW/pcsx2_Iconized.mo
- Size
  
  29KB
- MD5
  
  eff89012e3650935d383b930b8a6cd1a
- SHA1
  
  adf011ec3eed05d2e5fc7281559b1102ee65bddd
- SHA256
  
  b9139408608b925742944a60942b580aa6836b37f4a5936206f92e1442c95f95
- SHA512
  
  6ae93814f4be03d3d97c2aea059e545545e16483ce4a8633aa9d3c8c9c73b859c540591f11431b54c91bb33842fb4f67274cdaf26e14962461b57dce2beab6f2
- SSDEEP
  
  768:JwztLnpgStTXQ9rK1QVdMwC9aeJgYCa7OQJbvap47:J8Ln3uLCK6SCbk47
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops desktop.ini file(s)

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32