Overview
overview
7Static
static
7anyfix-ios...2).exe
windows7-x64
6anyfix-ios...2).exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
$PLUGINSDI...os.dll
windows7-x64
3$PLUGINSDI...os.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
1$PLUGINSDI...ib.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDIR/nsDui.dll
windows7-x64
3$PLUGINSDIR/nsDui.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDI...7z.dll
windows7-x64
3$PLUGINSDI...7z.dll
windows10-2004-x64
3$PLUGINSDI...ry.dll
windows7-x64
3$PLUGINSDI...ry.dll
windows10-2004-x64
3$PLUGINSDI...ll.exe
windows7-x64
4$PLUGINSDI...ll.exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3General
-
Target
anyfix-ios-system-recovery-en-setup (2).exe
-
Size
7.1MB
-
Sample
240502-xlck4sea3t
-
MD5
9c3c41d2f9b7d33d38641e85ba0a5fd9
-
SHA1
5e3fc663df59515cdf7eb9c4c0a43130a26689ba
-
SHA256
0609ebd4157f1b0591ab2a98749c0073a479ffae8e3eb5ba560838bb3eaaa0c5
-
SHA512
2a38369f24c28c310e6ed98506fc89177a00e2766a89ed992fca5867bec55f0125aa0403fe619d051044acdf6f0dfe63c230e072e3732693cd51cce43f616a06
-
SSDEEP
98304:2aswfDVoKwsGwFzDXoAgjrpeuUaCp1o9Djk5mfZwg4yCr78VEZ7W9xlWes3bdjOi:2VwVssGOzDXYU/s5IsBwTLQGWblMLs/y
Behavioral task
behavioral1
Sample
anyfix-ios-system-recovery-en-setup (2).exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
anyfix-ios-system-recovery-en-setup (2).exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240220-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240215-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win7-20240419-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win7-20240220-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsDui.dll
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsDui.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240215-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win7-20240419-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20240419-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/uninstall.exe
Resource
win7-20231129-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/uninstall.exe
Resource
win10v2004-20240419-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
anyfix-ios-system-recovery-en-setup (2).exe
-
Size
7.1MB
-
MD5
9c3c41d2f9b7d33d38641e85ba0a5fd9
-
SHA1
5e3fc663df59515cdf7eb9c4c0a43130a26689ba
-
SHA256
0609ebd4157f1b0591ab2a98749c0073a479ffae8e3eb5ba560838bb3eaaa0c5
-
SHA512
2a38369f24c28c310e6ed98506fc89177a00e2766a89ed992fca5867bec55f0125aa0403fe619d051044acdf6f0dfe63c230e072e3732693cd51cce43f616a06
-
SSDEEP
98304:2aswfDVoKwsGwFzDXoAgjrpeuUaCp1o9Djk5mfZwg4yCr78VEZ7W9xlWes3bdjOi:2VwVssGOzDXYU/s5IsBwTLQGWblMLs/y
Score6/10-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/ExecDos.dll
-
Size
6KB
-
MD5
774e3b33d151413dc826bf2421cd51e8
-
SHA1
ab2928dcf6fa54bb9eb16e5f64bfcffaaeee90fa
-
SHA256
91d5481f576382164703e4ac244052265769377838ac30233ad79c983ed9d454
-
SHA512
3cf955b13e81e4b6edb292df751ce7f64b0cf30979f57b1609f002859b4e68adc046b6674f76f7b7ce7144382316c344c11fed02d638e62fcc8464c32795a365
-
SSDEEP
96:38IgHUv7jr2GJ+dfuitjFVsDtwC6OcgHl7cFi1cyMV7WhWuaW:dCajridfjR6tw1OjHl7cE1KyhWua
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
36KB
-
MD5
d8fca35ff95fe00a7174177181f8bd13
-
SHA1
fbafea4d2790dd2c0d022dfb08ded91de7f5265e
-
SHA256
ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c
-
SHA512
eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba
-
SSDEEP
768:IWXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZV:8Smh9/BumTlg4kOZ+Kz
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
ca332bb753b0775d5e806e236ddcec55
-
SHA1
f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
-
SHA256
df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
-
SHA512
2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
-
SSDEEP
192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/msvcp100.dll
-
Size
593KB
-
MD5
d029339c0f59cf662094eddf8c42b2b5
-
SHA1
a0b6de44255ce7bfade9a5b559dd04f2972bfdc8
-
SHA256
934d882efd3c0f3f1efbc238ef87708f3879f5bb456d30af62f3368d58b6aa4c
-
SHA512
021d9af52e68cb7a3b0042d9ed6c9418552ee16df966f9ccedd458567c47d70471cb8851a69d3982d64571369664faeeae3be90e2e88a909005b9cdb73679c82
-
SSDEEP
12288:koBFUsQ1H5FH3YUTd/df0RA7XkNvEKZm+aWodEEiblHN/:dFUsQ1H5FHdGKkNvEKZm+aWodEEcHN/
Score1/10 -
-
-
Target
$PLUGINSDIR/msvcr100.dll
-
Size
809KB
-
MD5
366fd6f3a451351b5df2d7c4ecf4c73a
-
SHA1
50db750522b9630757f91b53df377fd4ed4e2d66
-
SHA256
ae3cb6c6afba9a4aa5c85f66023c35338ca579b30326dd02918f9d55259503d5
-
SHA512
2de764772b68a85204b7435c87e9409d753c2196cf5b2f46e7796c99a33943e167f62a92e8753eaa184cd81fb14361e83228eb1b474e0c3349ed387ec93e6130
-
SSDEEP
12288:QgzGPEett9Mw9HfBCddjMb2NQVmTW75JfmyyKWeHQGoko+1:HzJetPMw9HfBCrMb2Kc6dmyyKWewGzB1
Score1/10 -
-
-
Target
$PLUGINSDIR/nsDui.dll
-
Size
3.1MB
-
MD5
da277c7997c003698b5fb0b8bb9491bb
-
SHA1
c897c3d8809d9af00ab05cdbd1eb3f35f9e98d23
-
SHA256
e49008ab87c0f707fb2cac811b3a2c74ba82ee7f6e91635f5cf5ed6e3c2c09e7
-
SHA512
cd3b73449bdbfceba3d6975f749d91f9c75b312bebc670aedb2facd42e3c0d3d4775c77bea024d949502278e7539d2052ad96411677fd663961979fa6d456367
-
SSDEEP
49152:dlyjYo1+wiLWDEzNFoZQdHJ9A6ajb5dSr+vWcUsaTXmdQQKNkX:LyP1+kDEzNOWp9A6aBd+q/UBFHG
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
ec62e1a8d16d8f1b0eb792aa26e5de5c
-
SHA1
faa219618aec99cffb81c312728dc56c1fdc5798
-
SHA256
193d396fc7be5fed9d585de3c43e23d640c1dce725499f0274b3898c248545aa
-
SHA512
cb3f3458cf734ab7b964ed25cac87ff2938292eed9caae1305b2e5975bde885f4d8b06d05d4099ef614982cd55d97e9ddc0f13bbe2cdd9fb642d008788ed3017
-
SSDEEP
96:O7fhZwXd8KgEbAa9PweF1WxD8ZLMJGgmkNp38:/N8KgWAuLWxD8ZAGgmkN
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score3/10 -
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
313KB
-
MD5
06a47571ac922f82c098622b2f5f6f63
-
SHA1
8a581c33b7f2029c41edaad55d024fc0d2d7c427
-
SHA256
e4ab3064f2e094910ae80104ef9d371ccb74ebbeeed592582cf099acd83f5fe9
-
SHA512
04b3d18042f1faa536e1393179f412a5644d2cf691fbc14970f79df5c0594eeedb0826b495807a3243f27aaa0380423c1f975fe857f32e057309bb3f2a529a83
-
SSDEEP
6144:rA9ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm0:r2S165UP4mL/FvBtC8zQdSDmm0
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score3/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
304KB
-
MD5
dac3b528233d00e3c2ee268b608fa4c0
-
SHA1
6c632ad2888cd93f2aa2aef0fde309e043c90f31
-
SHA256
0491c06f3771d5cdbe47042e8d40a17914e27a7b668b1d08e28f264b122a4dee
-
SHA512
f1109877a1ddd5e28ebbde7814f97aea530bb6581da4670e91f9593069f182561085cf1432c505261faef9a51564f0058db436998376e056d22b0260163ae0b3
-
SSDEEP
3072:j5szWOITsEL50jl7yI57isGg4oUeO0l2uuuuuuuuuuuuuuuuuuuDXVoE1wA3/FnZ:CzZZDFGg+mtgc/V2fo0xR6X7gpC
Score5/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -