General
Target: android-unlock.exe
Size: 2.1MB
Sample: 240423-17hk2acd97
MD5: 567f4ed785357693d26e5e184ddb3e58
SHA1: 552143300919a62c2fcc15ba964bf886f8e3bb25
SHA256: 99c95f252d0d87f948acc974e1f1f6c61d4dc32f8f6e10698a76bc9d9a1ff086
SHA512: 15caa9e856a1ab4ae161a77c896f5e7fef7648d91720b6e1c4a38a30d5c1f7fc229620f0dcf4a2fd2cdb9d413755cd2f3d17693f35cfecb4fa8c8bda294c7c96
SSDEEP: 49152:DNDD3kIkpxD8SUG+hnjz5MFwwkJirzjXhW8RX7Xi:5DD3/cZLcnBMFwwkorzjZi
Behavioral task: behavioral1
Sample: android-unlock.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: android-unlock.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: android-unlock.exe
Manipulates Digital Signatures
Attackers can use techniques such as changing the Authenticode and Cryptography registry keys to make their binary appear valid.

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Drops file in System32 directory