Overview
overview
7Static
static
7anyunlock-...up.exe
windows7-x64
7anyunlock-...up.exe
windows10-2004-x64
7$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
3$PLUGINSDI...ls.dll
windows7-x64
3$PLUGINSDI...ls.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDIR/setup.exe
windows7-x64
1$PLUGINSDIR/setup.exe
windows10-2004-x64
1$PLUGINSDI...ll.exe
windows7-x64
7$PLUGINSDI...ll.exe
windows10-2004-x64
7$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
1$PLUGINSDI...ib.dll
windows10-2004-x64
3$PLUGINSDI...el.dll
windows7-x64
7$PLUGINSDI...el.dll
windows10-2004-x64
7$PLUGINSDI...tn.dll
windows7-x64
3$PLUGINSDI...tn.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3General
-
Target
anyunlock-iphone-password-unlocker-en-official-setup.exe
-
Size
14.1MB
-
Sample
240517-jqepdagf66
-
MD5
d8d56702bf1be2a044d1dcf4c514015a
-
SHA1
41e655363fedc10334566138148bfd636863bd28
-
SHA256
592816a5ca2054f7b0430ffd2e7cc88d9d5ba970a22684f71267be3d8a39eac2
-
SHA512
6b8b42f2935b9bb15875dd8b599d6d991b244c93e0842a828edf075aa05a76434ed0c29e5156f2748b69c91419d26f68f6d9b7152285256d89bb66ea11edc393
-
SSDEEP
196608:L06C6iZ1VR5nVGRXmEY9RRdwMw6C7S2F2euxVQQPZrMYDdauyGCqKilFn+FlZudh:LWnoZmEYXRxrCzb8M2zyLclFnGzTKUIv
Behavioral task
behavioral1
Sample
anyunlock-iphone-password-unlocker-en-official-setup.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
anyunlock-iphone-password-unlocker-en-official-setup.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/SkinnedControls.dll
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/SkinnedControls.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win7-20240419-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/setup.exe
Resource
win7-20231129-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/setup.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/uninstall.exe
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/uninstall.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240220-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240215-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/SelfDel.dll
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/SelfDel.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/SkinBtn.dll
Resource
win7-20231129-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/SkinBtn.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240508-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
anyunlock-iphone-password-unlocker-en-official-setup.exe
-
Size
14.1MB
-
MD5
d8d56702bf1be2a044d1dcf4c514015a
-
SHA1
41e655363fedc10334566138148bfd636863bd28
-
SHA256
592816a5ca2054f7b0430ffd2e7cc88d9d5ba970a22684f71267be3d8a39eac2
-
SHA512
6b8b42f2935b9bb15875dd8b599d6d991b244c93e0842a828edf075aa05a76434ed0c29e5156f2748b69c91419d26f68f6d9b7152285256d89bb66ea11edc393
-
SSDEEP
196608:L06C6iZ1VR5nVGRXmEY9RRdwMw6C7S2F2euxVQQPZrMYDdauyGCqKilFn+FlZudh:LWnoZmEYXRxrCzb8M2zyLclFnGzTKUIv
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/SkinnedControls.dll
-
Size
77KB
-
MD5
364bb3c9218429dd1315ad1db47e152d
-
SHA1
3253c1a381161c268bce8c487e892c8e5dd29dc3
-
SHA256
5f7998711ea856730139c4dac403f11b947ed94a464dc6d2d4b22f928c3a8536
-
SHA512
d9084068a259acb9a1691d10da8610053d3abdf6dc78d7357d80d1ac794d940478d2b05c3050484680ddee4c832ae30d71a67b2c2978845e298aca48058e01f6
-
SSDEEP
768:Q0p2dJFs6nYFg0vxrF9jd+IpMCGC8BnmmfJmLVp1aB5tEEThyX7QirbTGgyhTFDK:Q0YsX7vxGjBvJgVTadaXBTeh55axv
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
ca332bb753b0775d5e806e236ddcec55
-
SHA1
f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
-
SHA256
df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
-
SHA512
2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
-
SSDEEP
192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
ec62e1a8d16d8f1b0eb792aa26e5de5c
-
SHA1
faa219618aec99cffb81c312728dc56c1fdc5798
-
SHA256
193d396fc7be5fed9d585de3c43e23d640c1dce725499f0274b3898c248545aa
-
SHA512
cb3f3458cf734ab7b964ed25cac87ff2938292eed9caae1305b2e5975bde885f4d8b06d05d4099ef614982cd55d97e9ddc0f13bbe2cdd9fb642d008788ed3017
-
SSDEEP
96:O7fhZwXd8KgEbAa9PweF1WxD8ZLMJGgmkNp38:/N8KgWAuLWxD8ZAGgmkN
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score3/10 -
-
-
Target
$PLUGINSDIR/setup.exe
-
Size
3.3MB
-
MD5
023dfce70301896fb6b2e15eca718549
-
SHA1
64bf799250c2d437b8dd2f0c7c7e6509394565d9
-
SHA256
9140755badab25fcca359fe83f74a4a435ec6136302ddafb489a90f563ad4157
-
SHA512
e47fbb80e62a02018ffd0484e21d9f80bd6469ef0df745d7f5aff7bc5ca91a487bbbcdc2d0a9b0c67352a33c97bced3f0184ba42960f1cf7c6313004fbf4eede
-
SSDEEP
98304:lR41UPttYZbwA2PNb8XxD3GH5X3ng8SCC6akRuLy:M1eY3xbGZXXg8SCv+Ly
Score1/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
11.2MB
-
MD5
19c95f9115e675a52a79c6d8e3e4461c
-
SHA1
695bdec79f51d3297cb618009f010272d08c23f1
-
SHA256
59573565cfd215df52c6dd0ade7223167fb3bf8147c140abad145b36f4b3d021
-
SHA512
b2924364797d97e8be18460045b41be1689222f6c3326b67e9b8f5aaa310bee08672bc0fcc9f9d0b4e0522a686765943b1aa8a631d863da72aad7d92d7940597
-
SSDEEP
196608:4hKgznK4UZ9oHpWSQQ+87W4DFPwV422RBhox+Ht+FPYLrvaDbP8+uDgCAoB:4hK4K4UZyHdN+8b/hGG+ByvaDzfxoB
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
36KB
-
MD5
d8fca35ff95fe00a7174177181f8bd13
-
SHA1
fbafea4d2790dd2c0d022dfb08ded91de7f5265e
-
SHA256
ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c
-
SHA512
eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba
-
SSDEEP
768:IWXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZV:8Smh9/BumTlg4kOZ+Kz
Score3/10 -
-
-
Target
$PLUGINSDIR/SelfDel.dll
-
Size
5KB
-
MD5
e5786e8703d651bc8bd4bfecf46d3844
-
SHA1
fee5aa4b325deecbf69ccb6eadd89bd5ae59723f
-
SHA256
d115bce0a787b4f895e700efe943695c8f1087782807d91d831f6015b0f98774
-
SHA512
d14ad43a01db19428cd8ccd2fe101750860933409b5be2eb85a3e400efcd37b1b6425ce84e87a7fe46ecabc7b91c4b450259e624c178b86e194ba7da97957ba3
-
SSDEEP
96:NdekHUj5z13cPopei+Ml9PNDFbS7xg+TScrQ5:NdeuU9xcPopr+M9FbSS+TSE
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
-
-
Target
$PLUGINSDIR/SkinBtn.dll
-
Size
4KB
-
MD5
29818862640ac659ce520c9c64e63e9e
-
SHA1
485e1e6cc552fa4f05fb767043b1e7c9eb80be64
-
SHA256
e96afa894a995a6097a405df76155a7a39962ff6cae7a59d89a25e5a34ab9eeb
-
SHA512
ebb94eb21e060fb90ec9c86787eada42c7c9e1e7628ea4b16d3c7b414f554a94d5e4f4abe0e4ee30fddf4f904fd3002770a9b967fbd0feeca353e21079777057
-
SSDEEP
96:lNM22eGbMlQMYbDnmaxn/nPm1Xe+KuAaK:D32eGbMlQMuHvqXe
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
ca332bb753b0775d5e806e236ddcec55
-
SHA1
f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
-
SHA256
df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
-
SHA512
2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
-
SSDEEP
192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
904d8313031ac05e2bac3dd329828833
-
SHA1
6c8322f76e5c38bc24b0bcc057a510c92ec40b43
-
SHA256
a7c5516478ab02b5d6c1684b3c2b31ee03331712bcd9f9a8ef8309d2b72c8ec4
-
SHA512
9d524ebc965f224e1a16f537f71df0963c586fd548cb9a901f8afb1951416dd656d5493cc5e304157dfa6d70d69bcd4c5a5b140fceb3736548e71fe7086b6de8
-
SSDEEP
192:oR8cxzvTyl4tgi8pPjQM0PuAg0YNyAUIFtSP:IBxzm+t18pZ0WAg0RzIFg
Score3/10 -