General
-
Target
UbisoftConnectInstaller.exe
-
Size
217.0MB
-
Sample
240901-rhjx5asgmq
-
MD5
aad1aba5a12b9a4db05fd83f4c55ce04
-
SHA1
541aad7f21c36b236cd7ed4686b18ef9998cc63a
-
SHA256
db8d8c8bd4c8fe9b03c5ea364d5fff74caf4ff1e820998e27d70f899b869e3cb
-
SHA512
f4ea88a5e1c02c43465382a8dd13bddf48ad40cffe599d77912213b81bd384e212042ad69abe074308f5fc9269ff2583c33500594ca4ba6a30a6363de766bf3c
-
SSDEEP
3145728:nzZ3u8v4b78uROXJ7L6WZErguwoWZiKSso+DdniQdSwx6uJWEFyJdS14kdjMcfI7:nz84V71L6WwsoWgKSMcnEF17jPQmJInJ
Malware Config
Targets
-
-
Target
UbisoftConnectInstaller.exe
-
Size
217.0MB
-
MD5
aad1aba5a12b9a4db05fd83f4c55ce04
-
SHA1
541aad7f21c36b236cd7ed4686b18ef9998cc63a
-
SHA256
db8d8c8bd4c8fe9b03c5ea364d5fff74caf4ff1e820998e27d70f899b869e3cb
-
SHA512
f4ea88a5e1c02c43465382a8dd13bddf48ad40cffe599d77912213b81bd384e212042ad69abe074308f5fc9269ff2583c33500594ca4ba6a30a6363de766bf3c
-
SSDEEP
3145728:nzZ3u8v4b78uROXJ7L6WZErguwoWZiKSso+DdniQdSwx6uJWEFyJdS14kdjMcfI7:nz84V71L6WwsoWgKSMcnEF17jPQmJInJ
Score4/10 -
-
-
Target
$PLUGINSDIR/AccessControl.dll
-
Size
8KB
-
MD5
65d017ba65785b43720de6c9979a2e8c
-
SHA1
0aed2846e1b338077bae5a7f756c345a5c90d8a9
-
SHA256
ccc6aaf1071d9077475b574d9bf1fc23de40a06547fc90cf4255a44d3bf631ac
-
SHA512
31a19105892d5a9b49eb81a90a2330c342a5504fa4940b99a12279a63e1a19ee5d4b257d0900794ff7021a09408995a5d12e95cc38f09cf12fb2fd860d205c95
-
SSDEEP
96:18YNfTAJj9KMMVSyPg8uxZAQ/zdVJF/mSsQwV6i8zRRxqBt/FZTIVe7/cIH8ykeO:1XwKMMfPuxJ/zb+b6fR+bZEwywQ9
Score7/10-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
109b201717ab5ef9b5628a9f3efef36f
-
SHA1
98db1f0cc5f110438a02015b722778af84d50ea7
-
SHA256
20e642707ef82852bcf153254cb94b629b93ee89a8e8a03f838eef6cbb493319
-
SHA512
174e241863294c12d0705c9d2de92f177eb8f3d91125b183d8d4899c89b9a202a4c7a81e0a541029a4e52513eee98029196a4c3b8663b479e69116347e5de5b4
-
SSDEEP
48:S46+/+lTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8m0ofjLl:zMluPbOBtWZBV8jAWiAJCdv2CmHL
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
8cf2ac271d7679b1d68eefc1ae0c5618
-
SHA1
7cc1caaa747ee16dc894a600a4256f64fa65a9b8
-
SHA256
6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba
-
SHA512
ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3
-
SSDEEP
192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL
Score3/10 -
-
-
Target
$PLUGINSDIR/nsArray.dll
-
Size
12KB
-
MD5
da4bc09439ed21faf7620a53433aac92
-
SHA1
94e3347aebe16cb88b9f29f00134d9e0fb67e508
-
SHA256
216d68d3f0b37bb2203b3a438a84a089e8c388608f46377ad7e7d6a2709cf9b0
-
SHA512
920294456e8fee0c4137e4b4ba1389f09ade297d6ed49d78a9593d129dbb5eb048da2cbff7ac29687999991d5f38657cb31af73e2ccf6b8b9ce29480d4d81ec6
-
SSDEEP
192:LULA8tZt1pehCUVFpZ/XXz5F8qioPYtS/Z8i4NVhWp1h2ph30R:gLAe1peEUD/X1F8qiAFLhOh
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
ec9640b70e07141febbe2cd4cc42510f
-
SHA1
64a5e4b90e5fe62aa40e7ac9e16342ed066f0306
-
SHA256
c5ba017732597a82f695b084d1aa7fe3b356168cc66105b9392a9c5b06be5188
-
SHA512
47605b217313c7fe6ce3e9a65da156a2fba8d91e4ed23731d3c5e432dd048ff5c8f9ae8bb85a6a39e1eac4e1b6a22862aa72d3b1b1c8255858997cdd4db5d1fe
-
SSDEEP
192:oRsHeylO012En8pqHtcE0PuAgkOyPIFc:sATI0d8pUP0WAgkBPIFc
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score3/10 -
-
-
Target
GfnRuntimeSdkx86.dll
-
Size
3.4MB
-
MD5
cc97295dae3c36abed724c5d24febfd2
-
SHA1
85803e6b6bfb01feceb3e53cb4a17c892e12e6ba
-
SHA256
988c2ddee1dc43c5eb04c4ff7b8b3ed2dbab98760cb9ed578a11b04e784f9810
-
SHA512
fefd3c00229d8da8f989447f297af3dbb79e0b4497b23ed9a01e73cda74e731c8be2e5eb7499711ed64a144be64424be8c598fd3ef3d17a7077a4c7d056756c6
-
SSDEEP
49152:jbsqmtYw/xnr67xYfApJNLQ3VCxjNOSIhMUX/eb:jb7xYAMchUI
Score3/10 -
-
-
Target
Microsoft.Gaming.XboxApp.Extensions.winmd
-
Size
11KB
-
MD5
8faacd0a5d9da72963aa835ce01471ed
-
SHA1
26554fa132b5de2c2798f2d64d2249a4fece81e3
-
SHA256
58aea5f30e9a8c51bc9b859867ddf32ef8a28f7ee5cad5b4537938f1b0d34ffd
-
SHA512
04ba4bac384ab0d8efbde3557d2dabe3290487a6a1c595a3a225c2f9c93430587ec80b4fcbe24c68be43e58cc0b4764de259caae7e87ebfe00c8fa3db3a13ec1
-
SSDEEP
192:mKQlvWRXBMJEAHv9Wx89+OVo31VhjDJQ2v4:mwRugOVo3pvJ5
Score3/10 -
-
-
Target
UbisoftConnect.exe
-
Size
507KB
-
MD5
031d24c2b5b45c8d5980936094c13c48
-
SHA1
933c3bd5be1fe0f655cf5c49b9e32c804f52e8f3
-
SHA256
4063c60bf11b12ec5072e9024e1f625e682b26689a8e816f05e50a5b07068df2
-
SHA512
d93388ae400a523a7d6d8c5e1345bfaa11ec4bd9d33294be9dd74cf615728120a3becd6141b61164c3f443531ef9d8ec74cbf58b23419491ed500ae61b7f733f
-
SSDEEP
6144:BcFpRE1eO52o+QMh3smMHsckDKdtcn8qXmGLC:BkAeO2B53smMQ+aLC
Score5/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
UbisoftExtension.exe
-
Size
9.2MB
-
MD5
531704017d866e9a5ca39bcac339293b
-
SHA1
f646997af8551f027db022f82cd1f8e1c7edded1
-
SHA256
9bef94dff003cbe9637daf4191f3efdcd73043b4c3d5f2ff9ba4ad1b35aa0598
-
SHA512
967aec419831b6f9806d884c4d18e87440bf6cc5fb346a9312b7d15cc80a5d4cc1f465c61ec54e1cc824e7d6265b2b9370cac99e31623b1a5021dc512cb9efbf
-
SSDEEP
196608:qtvk93f4wc8XYg1F+JvDUKwSy+01lrfIaDJtkhcJ:q4f4W3A4KwN+01lbdDvk2
Score5/10-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
UbisoftGameLauncher.exe
-
Size
2.5MB
-
MD5
8c9467436c3119aef06308a28d329829
-
SHA1
1dd26dfeda24dc8ab9ad4b9c90f30b4765367c8e
-
SHA256
314ab31600857fa47dd17286e19a72d19d8e529de02c7bc3fa62b08471bd664b
-
SHA512
29f89be48a254a407f8c9f2648afea4a170d3cb393961572dadf6ce32097a2d5322a1991b6732415e12822a1c2fbbd15f47d420e331e6dc81df03753c1ecdea4
-
SSDEEP
49152:KGRatgrksfa3mHFOMS8ZOQY3uf3jTHr8TIb8jpKflmgHkGdvzx:KDtgrksfacJS+THr8TIIgRF
Score3/10 -
-
-
Target
UbisoftGameLauncher64.exe
-
Size
3.9MB
-
MD5
4ae4e7812d731a47c6528be993e44589
-
SHA1
498003480f6342b6cab5920c456e79e5a390994e
-
SHA256
f61f31001dd277b92f5ab500279877e7c1b08af500abff13d01c08bab245c8a9
-
SHA512
ad35bf93eb617f86ab39f8afceec3a852752bb00f699a2ddffac60b51d32a35c4e5a78d537e9a0788dbc0dbf6ccec4a47c9250aa899ca66d10cc7d0a2b3e7239
-
SSDEEP
49152:7mBY3Gx8LSmRnSPBFlhj+wXm2wA0W72GTkpGsMB9mTDRua:KBY1Sl0Wupz
Score1/10 -
-
-
Target
Uninstall.exe
-
Size
286KB
-
MD5
270c678cab012cf11edd8e06121252a2
-
SHA1
357e61172b618924820ed59791b9b39fe4c817de
-
SHA256
50fd9280f4a0febbdff4a9243996532a8e99670b904e6f291180f5bdc3064b49
-
SHA512
b558549b9ab51bbe53898fad2349b2d2519a2c1aa92a376c18c1171591f25c2d69be61f0ca43c285e09e667b32da14a15b87981cf7db2a077b7dfff3fc6a1b12
-
SSDEEP
3072:08UWylM4JDVPYuTBfcv/yFBVBmFQgUeT692unIZNKzawspXd/VBhr2m1K:+lHXRtcn8qXmADKW7Xd/VB8
Score4/10 -
-
-
Target
UplayCrashReporter.exe
-
Size
6.2MB
-
MD5
cc9f6580129c6b3bfbe76e0066a71838
-
SHA1
c2cbf0721a6320a1e2f64bbc5f8779b52c32a50f
-
SHA256
26e463bef46b50a15d6043d6e73aca2be049fbe222dcf745eb094dffac80c23d
-
SHA512
f61bf2c62c4b9b888dae28bd82f0c06512847526fdbed29e226ef88501a7ccef4dcf77d24c2038b7ba3bd1846c62317ca9957af1542557b77081c49faae169a1
-
SSDEEP
98304:V5Wj7F9oyZpy71FB9WBlEcwsyjtbrmdMJivk+mcejdQCq:yj7FyC071lkaCql6dMJivk+re6
Score5/10-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
UplayService.exe
-
Size
7.0MB
-
MD5
366a2b89af2576d0bb3586d8a8d01c94
-
SHA1
04d08653650e068ff005d03b5f944608cdf79ce8
-
SHA256
55f37c3f78c2d73acf98dffcca2cbcafd68e7f8bc66987fa0463fbcdb71f03ce
-
SHA512
060652eb214c00cdcd7896d71d8256dec2116440f382161ffb2175823b1485bae67bd406d1ee4c4e9d6d76bf8cb4de84b953fb1c7b60a8fe9371afca66ea5045
-
SSDEEP
98304:ttYh8KpmCZdxTdZGk3/VI9bHmV5Km4bFVQii4B4Cg+tTrEuRr4usQ/IM6Kg1RJra:vyfxTmk/3p4/F2Cg4Eqrh/A5lpYf
Score5/10-
Suspicious use of NtSetInformationThreadHideFromDebugger
-