General

  • Target

    UnlockAllTool.exe

  • Size

    9.4MB

  • Sample

    230326-eye8nafd98

  • MD5

    24b5dcad26d369fd99a448d860445fe7

  • SHA1

    4f0e4d4cbcc54a20d4a09c1048dac9f7d3edab01

  • SHA256

    a244007277755d3cee5679adac99075611a0513ec35b9803fd52f1ce7fa64ce4

  • SHA512

    eda0832b5468b59cde28f96371cb3536029999659bfb64150a404adaf444a92b21f57e125a18b1981805ec28dbccd9f05ffc2b0803b8c1b80ebf1a5c77d644ff

  • SSDEEP

    98304:+AfdDTHppTvBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYW2b/i2BoWo3:1R2PrW2UR6J4m0

Score
8/10

Targets

    • Target

      UnlockAllTool.exe

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry (T1112): 2

  • Discovery

    Query Registry (T1012): 2

    System Information Discovery (T1082): 1
