Overview

overview

7

Static

static

7

Pandora's Box.exe

windows7-x64

7

Pandora's Box.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ce.rtf

windows7-x64

4

$PLUGINSDI...ce.rtf

windows10-2004-x64

1

$PLUGINSDI...in.dll

windows7-x64

7

$PLUGINSDI...in.dll

windows10-2004-x64

7

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...zU.dll

windows7-x64

3

$PLUGINSDI...zU.dll

windows10-2004-x64

3

7z.dll

windows7-x64

1

7z.dll

windows10-2004-x64

1

Batwv.dll

windows7-x64

3

Batwv.dll

windows10-2004-x64

3

CefResourc...lf.dll

windows7-x64

1

CefResourc...lf.dll

windows10-2004-x64

1

CefResourc...47.dll

windows10-2004-x64

1

CefResourc...GL.dll

windows7-x64

1

CefResourc...GL.dll

windows10-2004-x64

1

CefResourc...v2.dll

windows7-x64

1

CefResourc...v2.dll

windows10-2004-x64

1

CefResourc...ef.dll

windows7-x64

1

CefResourc...ef.dll

windows10-2004-x64

1

CefResourc...er.dll

windows7-x64

1

CefResourc...er.dll

windows10-2004-x64

1

CefResourc...-1.dll

windows7-x64

1

CefResourc...-1.dll

windows10-2004-x64

1

SDll.dll

windows7-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    Pandora's Box.exe

  • Size

    79.6MB

  • MD5

    de7e5cb2571804cb4af618372bac76ec

  • SHA1

    ec8cc5f9d068d778089eb31f3950db57e5ead523

  • SHA256

    6e3d355ad0525af38aeca313572da118824f184e5b9f0531ade5d8ffe570eb61

  • SHA512

    54e84784c05a264593d8d1b7b1420a49460d08361b8056a2237a602835413bd5069cd519aaec5ea25e0a803677431aefb4720d164f65842d4bcf143424be476e

  • SSDEEP

    1572864:4VUgmhgHKNsFMGf5EE5LLImbJOEeOnSGFXQNYPxp9BLs62gfkGaz3tq805:4fmWKGWGyml3LnXFXiWr/d2okr9V05

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 33 IoCs

    Checks for missing Authenticode signature.

Files

  • Pandora's Box.exe
    .exe windows:4 windows x86 arch:x86

    7eae418c7423834ffc3d79b4300bd6fb


    Headers

    Imports

    Sections

  • $PLUGINSDIR/BgWorker.dll
    .dll windows:4 windows x86 arch:x86

    db2755f409b81c4dbfc04f648cfb80b9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/licence.rtf
    .rtf
  • $PLUGINSDIR/logo.ico
  • $PLUGINSDIR/nsNiuniuSkin.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    d6b0243dd90845123f35b66da1032c84


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7zU.dll
    .dll windows:6 windows x86 arch:x86

    b6854db8fde386e6ef367d623b9e75d8


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/skin.zip
    .zip
  • configpage.xml
  • default.xml
    .xml
  • finishpage.xml
  • images/bg2.png
    .png
  • images/browse.png
    .png
  • images/[email protected]
    .png
  • images/check_blue.png
    .png
  • images/[email protected]
    .png
  • images/check_darkgray.png
    .png
  • images/[email protected]
    .png
  • images/check_gray.png
    .png
  • images/[email protected]
    .png
  • images/close_white.png
    .png
  • images/[email protected]
    .png
  • images/close_white_hover.png
    .png
  • images/[email protected]
    .png
  • images/close_white_push (1).png
    .png
  • images/[email protected]
    .png
  • images/finish.png
    .png
  • images/finish1.png
    .png
  • images/min_white.png
    .png
  • images/[email protected]
    .png
  • images/min_white_hover.png
    .png
  • images/[email protected]
    .png
  • images/min_white_push.png
    .png
  • images/[email protected]
    .png
  • images/notice.png
    .png
  • images/[email protected]
    .png
  • images/round_dark.png
    .png
  • images/[email protected]
    .png
  • images/round_dark_hover.png
    .png
  • images/[email protected]
    .png
  • images/round_dark_push.png
    .png
  • images/[email protected]
    .png
  • images/round_light.png
    .png
  • images/[email protected]
    .png
  • images/round_light_hover.png
    .png
  • images/[email protected]
    .png
  • images/round_light_push.png
    .png
  • images/[email protected]
    .png
  • images/scroll_bg.png
    .png
  • images/[email protected]
    .png
  • images/scroll_fg.png
    .png
  • images/[email protected]
    .png
  • images/shadow.png
    .png
  • images/[email protected]
    .png
  • images/warning.png
    .png
  • images/[email protected]
    .png
  • install.xml
  • installingpage.xml
  • licensepage.xml
  • msgBox.xml
    .xml
  • uninstallfinishpage.xml
  • uninstallingpage.xml
  • uninstallpage.xml
  • app.7z
    .7z
  • 7z.dll
    .dll windows:4 windows x64 arch:x64

    928b316f3126865cdd91c5fd11b09dbf


    Headers

    Imports

    Exports

    Sections

  • Batwv.dll
    .dll windows:6 windows x86 arch:x86

    ec1dbd1f9e6eaf0b96770e0e604a949e


    Headers

    Imports

    Exports

    Sections

  • CefResource/chrome_100_percent.pak
  • CefResource/chrome_200_percent.pak
  • CefResource/chrome_elf.dll
    .dll windows:5 windows x64 arch:x64

    c727ea8b17dcf9881addbba7497218bd


    Headers

    Imports

    Exports

    Sections

  • CefResource/d3dcompiler_47.dll
    .dll windows:10 windows x64 arch:x64

    dc71769f237c0a3ba38879380c54a4e6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • CefResource/icudtl.dat
  • CefResource/libEGL.dll
    .dll windows:5 windows x64 arch:x64

    592e6e55d4fe33d1bd84e3b3016fe3b2


    Headers

    Imports

    Exports

    Sections

  • CefResource/libGLESv2.dll
    .dll windows:5 windows x64 arch:x64

    b3384e5182b61c941805b07b7dc28efe


    Headers

    Imports

    Exports

    Sections

  • CefResource/libcef.dll
    .dll windows:5 windows x64 arch:x64

    389b20e547a44847345cd188c025c0bd


    Headers

    Imports

    Exports

    Sections

  • CefResource/resources.pak
  • CefResource/snapshot_blob.bin
  • CefResource/v8_context_snapshot.bin
  • CefResource/vk_swiftshader.dll
    .dll windows:5 windows x64 arch:x64

    c6d5499631d983c25f3393a4b4b13399


    Headers

    Imports

    Exports

    Sections

  • CefResource/vk_swiftshader_icd.json
  • CefResource/vulkan-1.dll
    .dll windows:5 windows x64 arch:x64

    49ed29c3ff417b26c7cd92ecc9b7dcb3


    Headers

    Imports

    Exports

    Sections

  • SDll.dll
    .dll windows:6 windows x86 arch:x86

    0e0849e1b4d5684d3481faf99c5433a0


    Headers

    Imports

    Exports

    Sections

  • bin/bin.exe
    .exe windows:4 windows x64 arch:x64

    d5a3aeed12c045ae26afa22023748d1e


    Code Sign

    Headers

    Imports

    Sections

  • cefRender.exe
    .exe windows:6 windows x64 arch:x64

    6592a81bae782d742b96802f5eec08f9


    Headers

    Imports

    Sections

  • cefalyme.exe
  • config.ini
  • home.html
    .html .js polyglot
  • ico/logo.ico
  • impower/steam_api.dll
    .dll windows:6 windows x86 arch:x86

    ff80cb9a9991247bcb50dea17efc9e61


    Headers

    Imports

    Exports

    Sections

  • impower/steam_api64.dll
    .dll windows:6 windows x64 arch:x64

    a7d5acf13b4963f52b7a447896e08eb9


    Headers

    Imports

    Exports

    Sections

  • impower/steamclient.dll
    .dll windows:6 windows x86 arch:x86

    ccdc5b22a89abe6f9f954b3a1b2ac014


    Headers

    Imports

    Exports

    Sections

  • impower/steamclient64.dll
    .dll windows:6 windows x64 arch:x64

    79990bc50c91cf3f89a58cc533fbc317


    Headers

    Imports

    Exports

    Sections

  • jiepingTool.exe
    .exe windows:6 windows x86 arch:x86

    e77ef1878532dbb2181b87361ec54485


    Code Sign

    Headers

    Imports

    Sections

  • libcef_32.dll
    .dll windows:6 windows x86 arch:x86

    d5adf8c8da7672031c8f10b8a8e0541f


    Headers

    Imports

    Exports

    Sections

  • libcef_64.dll
    .dll windows:6 windows x64 arch:x64

    93f5e492d3768e64af50d0fbd7436522


    Headers

    Imports

    Exports

    Sections

  • licefupa.dll
    .dll windows:6 windows x86 arch:x86

    fb3b80912544eef2666c715eed21b21a


    Headers

    Imports

    Exports

    Sections

  • logos.ico
  • runorn.dll
    .dll windows:6 windows x86 arch:x86

    f03e85c02a7d92b57dd7cedd94c8f477


    Headers

    Imports

    Exports

    Sections

  • steamall.exe
    .exe windows:6 windows x64 arch:x64

    2b1eed5a007d598fe03a8f8db231a0bd


    Headers

    Imports

    Sections

  • steamclient.dll
    .dll windows:6 windows x86 arch:x86

    ccdc5b22a89abe6f9f954b3a1b2ac014


    Headers

    Imports

    Exports

    Sections

  • video.dll
    .dll windows:6 windows x86 arch:x86

    5d99e3e9f0fd2642ca931d8dcc648b5b


    Headers

    Imports

    Exports

    Sections

  • video64.dll
    .dll windows:6 windows x64 arch:x64

    b9e6def026bfece9a663722f159fb82e


    Headers

    Imports

    Exports

    Sections

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7eae418c7423834ffc3d79b4300bd6fb


    Headers

    Imports

    Sections

  • $PLUGINSDIR/BgWorker.dll
    .dll windows:4 windows x86 arch:x86

    db2755f409b81c4dbfc04f648cfb80b9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/logo.ico
  • $PLUGINSDIR/nsNiuniuSkin.dll
    .dll windows:5 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    d6b0243dd90845123f35b66da1032c84


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/skin.zip
    .zip
  • configpage.xml
  • default.xml
    .xml
  • finishpage.xml
  • images/bg2.png
    .png
  • images/browse.png
    .png
  • images/[email protected]
    .png
  • images/check_blue.png
    .png
  • images/[email protected]
    .png
  • images/check_darkgray.png
    .png
  • images/[email protected]
    .png
  • images/check_gray.png
    .png
  • images/[email protected]
    .png
  • images/close_white.png
    .png
  • images/[email protected]
    .png
  • images/close_white_hover.png
    .png
  • images/[email protected]
    .png
  • images/close_white_push (1).png
    .png
  • images/[email protected]
    .png
  • images/finish.png
    .png
  • images/finish1.png
    .png
  • images/min_white.png
    .png
  • images/[email protected]
    .png
  • images/min_white_hover.png
    .png
  • images/[email protected]
    .png
  • images/min_white_push.png
    .png
  • images/[email protected]
    .png
  • images/notice.png
    .png
  • images/[email protected]
    .png
  • images/round_dark.png
    .png
  • images/[email protected]
    .png
  • images/round_dark_hover.png
    .png
  • images/[email protected]
    .png
  • images/round_dark_push.png
    .png
  • images/[email protected]
    .png
  • images/round_light.png
    .png
  • images/[email protected]
    .png
  • images/round_light_hover.png
    .png
  • images/[email protected]
    .png
  • images/round_light_push.png
    .png
  • images/[email protected]
    .png
  • images/scroll_bg.png
    .png
  • images/[email protected]
    .png
  • images/scroll_fg.png
    .png
  • images/[email protected]
    .png
  • images/shadow.png
    .png
  • images/[email protected]
    .png
  • images/warning.png
    .png
  • images/[email protected]
    .png
  • install.xml
  • installingpage.xml
  • licensepage.xml
  • msgBox.xml
    .xml
  • uninstallfinishpage.xml
  • uninstallingpage.xml
  • uninstallpage.xml