General

  • Target

    UnlockTool-2023-11-10-0_MobileRdx.com.rar

  • Size

    171.4MB

  • Sample

    231112-dzdksacf8z

  • MD5

    50b91b17dda302ce8f05877b76b274a8

  • SHA1

    da295d665a98e3c05bfd439cdceabf1071d48522

  • SHA256

    3c6e082e18c2d2169e1919d1afa0ba6b15afb22fc1da43983b09f25f4317749b

  • SHA512

    2c1afb470d076f5daea4a9a0fb7a7e19408df497d6738a567588019fd6847abcfc122cb2ea29bf62ff81fd1f65d71737e6026ba956bc80ab5023563896cb7ee5

  • SSDEEP

    3145728:By3KX87aMQUfyKRVpYp17eBhko7VeumSv1hK/35vA7Yz+3UQcD3bpbR9Y:k3TR3RlBDxeuLfKPC7YwcD3jW

Score
8/10

Targets

    • Target

      UnlockTool-2023-11-10-0.exe

    • Size

      171.9MB

    • MD5

      3eccb8c74f961b6c8c28bd1359588ead

    • SHA1

      82ef5500722cd9b9e45f2ac0c8a180067e2556ad

    • SHA256

      c045bddb539997cf70bece9be31a2948f23bd1248f1d14e4f186ad2ec176a8a3

    • SHA512

      8662eb1660b807755f960755655c85da321f5684f6e42f990db4b2282ba1d8aab7b37d151d66b8a64e6bf730a8867487904cd511b45e02649b37027d72acc6bd

    • SSDEEP

      3145728:FjlpipTp3bcwUSG/P/15mF+Lpj1UhRvge1YYgJ53Q2YFUg4JCmlDk:9ipVoh1fpmhRvgCYNJZYFV4Jl4

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger
