Overview

overview

7

Static

static

7

FRPFILE AI....8.exe

windows7-x64

7

FRPFILE AI....8.exe

windows10-2004-x64

7

FRPFILE AI...IO.dll

windows7-x64

1

FRPFILE AI...IO.dll

windows10-2004-x64

1

FRPFILE AI...bypass

macos-10.15-amd64

1

FRPFILE AI...ypass1

macos-10.15-amd64

1

FRPFILE AI...ypass2

macos-10.15-amd64

4

FRPFILE AI.../erase

macos-10.15-amd64

1

FRPFILE AI...se.dll

macos-10.15-amd64

4

FRPFILE AI...estart

macos-10.15-amd64

1

FRPFILE AI...f/lzma

macos-10.15-amd64

1

FRPFILE AI...ileact

ubuntu-18.04-amd64

1

FRPFILE AI...ileact

debian-9-armhf

1

FRPFILE AI...ileact

debian-9-mips

FRPFILE AI...ileact

debian-9-mipsel

FRPFILE AI...ct1247

ubuntu-18.04-amd64

6

FRPFILE AI...ct1247

debian-9-armhf

1

FRPFILE AI...ct1247

debian-9-mips

FRPFILE AI...ct1247

debian-9-mipsel

FRPFILE AI...f/mon2

macos-10.15-amd64

4

FRPFILE AI...plutil

macos-10.15-amd64

1

FRPFILE AI....dylib

macos-10.15-amd64

4

FRPFILE AI...32.dll

windows7-x64

1

FRPFILE AI...32.dll

windows10-2004-x64

1

FRPFILE AI...32.dll

windows7-x64

1

FRPFILE AI...32.dll

windows10-2004-x64

1

FRPFILE AI...z2.dll

windows7-x64

1

FRPFILE AI...z2.dll

windows10-2004-x64

1

FRPFILE AI...pt.dll

windows7-x64

1

FRPFILE AI...pt.dll

windows10-2004-x64

1

FRPFILE AI...id.exe

windows7-x64

1

FRPFILE AI...id.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240226-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    05-05-2024 01:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FRPFILE AIO v2.8.4/ref/mobileact1247

  • Size

    406B

  • MD5

    e081ef6ebf41b991575561ae9d9aded2

  • SHA1

    203c9e335c9dde271fd5817043da1165e6b0113e

  • SHA256

    ac551e69e727cbed0c273605c2b088021a4381ec8b8d902ec6ff42c0c2316999

  • SHA512

    e3c9cf7b71ddc7c29ecd40a36fee0fa6a512d06416b7d8ff449e782cd797e2bedf1c756e972d3da992fcb661c77b83f8e0d298dee3b33da82933c44f39cefd44

Score
6/10

Malware Config

Signatures

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/FRPFILE AIO v2.8.4/ref/mobileact1247
    "/tmp/FRPFILE AIO v2.8.4/ref/mobileact1247"
    1⤵
      PID:1536
      • /usr/bin/killall
        killall Setup
        2⤵
        • Reads runtime system information
        PID:1539
      • /usr/bin/killall
        killall Setup
        2⤵
        • Reads runtime system information
        PID:1542

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads