General

  • Target

    net8.0-windows.7z

  • Size

    2.0MB

  • MD5

    4bd337f4ddb8fca9067239902c637fab

  • SHA1

    6936f1ecff64fe0c6f01fac8eb22a6b5d7450899

  • SHA256

    8e99dfdfbc9a12b86b53dd8e5859b0a63ed0a2d9716b07a2cf9de9c120d98e4a

  • SHA512

    0076687c7499cad6070b8b85d9102e371b4628330a5fb31fc0406315b046728628fd6ae324088323de2e3832fd09685f6d2e6ccc2cf22194dc30399cb5f958d9

  • SSDEEP

    49152:qxmV1dnFy54obbUbTheAgo4eZH/jkqHByIWl+87tK84jliV:qJyb9eAjFZH/j1Bm8gtK84jgV

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • net8.0-windows.7z
    .7z
  • ByPass.Exploit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • ByPass.Exploit.pdb
  • ByPass.Tools.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • ByPass.Tools.pdb
  • MTK ByPass.deps.json
  • MTK ByPass.dll
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • MTK ByPass.exe
    .exe windows:6 windows x64 arch:x64

    6a91eb82bfd19d2706c7d43c46f7064e



  • MTK ByPass.pdb
  • MTK ByPass.runtimeconfig.json
  • OSVersionInfo.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • System.CodeDom.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • System.Management.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign


  • runtimes/Mmc_DevMgmt.msc
    .xml
  • runtimes/Play.ttf
  • runtimes/bypass/default_config.json5
  • runtimes/bypass/main.py
    .py .sh linux
  • runtimes/bypass/payloads/generic_dump_payload.bin
  • runtimes/bypass/payloads/generic_reboot_payload.bin
  • runtimes/bypass/payloads/generic_uart_dump_payload.bin
  • runtimes/bypass/payloads/mt6572_payload.bin
  • runtimes/bypass/payloads/mt6735_payload.bin
  • runtimes/bypass/payloads/mt6737_payload.bin
  • runtimes/bypass/payloads/mt6739_payload.bin
  • runtimes/bypass/payloads/mt6750_payload.bin
  • runtimes/bypass/payloads/mt6765_payload.bin
  • runtimes/bypass/payloads/mt6768_payload.bin
  • runtimes/bypass/payloads/mt6771_payload.bin
  • runtimes/bypass/payloads/mt6785_payload.bin
  • runtimes/bypass/payloads/mt8127_payload.bin
  • runtimes/bypass/payloads/mt8163_payload.bin
  • runtimes/bypass/payloads/mt8173_payload.bin
  • runtimes/bypass/payloads/mt8695_payload.bin
  • runtimes/bypass/src/common.py
  • runtimes/bypass/src/config.py
  • runtimes/bypass/src/device.py
  • runtimes/bypass/src/exploit.py
  • runtimes/bypass/src/logger.py
  • runtimes/dlls/_ctypes.pyd
    .dll windows:6 windows x86 arch:x86

    e918332b2d9bb8b4a39a92f3450c582f


    Code Sign


  • runtimes/dlls/unicodedata.pyd
    .dll windows:6 windows x86 arch:x86

    49f99baad66fc7493daf65bbdc0110ac


    Code Sign


  • runtimes/isuseradmin.exe
    .exe windows:4 windows x86 arch:x86

    8cefea5840ceed1d6c52684526dff2fe



  • runtimes/lib/__future__.py
  • runtimes/lib/_collections_abc.py
  • runtimes/lib/_sitebuiltins.py
  • runtimes/lib/_weakrefset.py
  • runtimes/lib/abc.py
  • runtimes/lib/argparse.py
    .py .vbs
  • runtimes/lib/codecs.py
  • runtimes/lib/collections/__init__.py
  • runtimes/lib/collections/abc.py
  • runtimes/lib/contextlib.py
  • runtimes/lib/copy.py
  • runtimes/lib/copyreg.py
  • runtimes/lib/ctypes/__init__.py
  • runtimes/lib/ctypes/_endian.py
  • runtimes/lib/ctypes/util.py
  • runtimes/lib/ctypes/wintypes.py
  • runtimes/lib/datetime.py
  • runtimes/lib/encodings/__init__.py
  • runtimes/lib/encodings/aliases.py
  • runtimes/lib/encodings/ascii.py
  • runtimes/lib/encodings/latin_1.py
  • runtimes/lib/encodings/utf_8.py
  • runtimes/lib/enum.py
  • runtimes/lib/fnmatch.py
  • runtimes/lib/functools.py
  • runtimes/lib/genericpath.py
  • runtimes/lib/gettext.py
  • runtimes/lib/glob.py
  • runtimes/lib/heapq.py
  • runtimes/lib/importlib/__init__.py
  • runtimes/lib/io.py
  • runtimes/lib/keyword.py
  • runtimes/lib/linecache.py
  • runtimes/lib/locale.py
  • runtimes/lib/logging/__init__.py
  • runtimes/lib/ntpath.py
  • runtimes/lib/operator.py
  • runtimes/lib/os.py
  • runtimes/lib/posixpath.py
  • runtimes/lib/re.py
  • runtimes/lib/reprlib.py
  • runtimes/lib/shutil.py
  • runtimes/lib/signal.py
  • runtimes/lib/site-packages/json5/__init__.py
  • runtimes/lib/site-packages/json5/lib.py
  • runtimes/lib/site-packages/json5/parser.py
  • runtimes/lib/site-packages/json5/version.py
  • runtimes/lib/site-packages/serial/__init__.py
    .py .sh linux
  • runtimes/lib/site-packages/serial/serialutil.py
  • runtimes/lib/site-packages/serial/serialwin32.py
  • runtimes/lib/site-packages/serial/threaded/__init__.py
    .py .sh linux
  • runtimes/lib/site-packages/serial/tools/list_ports.py
    .py .sh linux
  • runtimes/lib/site-packages/serial/tools/list_ports_common.py
    .py .sh linux
  • runtimes/lib/site-packages/serial/tools/list_ports_windows.py
  • runtimes/lib/site-packages/serial/win32.py
  • runtimes/lib/site-packages/usb/__init__.py
  • runtimes/lib/site-packages/usb/_debug.py
  • runtimes/lib/site-packages/usb/_interop.py
  • runtimes/lib/site-packages/usb/_lookup.py
  • runtimes/lib/site-packages/usb/_objfinalizer.py
  • runtimes/lib/site-packages/usb/_version.py
  • runtimes/lib/site-packages/usb/backend/__init__.py
  • runtimes/lib/site-packages/usb/backend/libusb0.py
  • runtimes/lib/site-packages/usb/backend/libusb1.py
  • runtimes/lib/site-packages/usb/backend/openusb.py
  • runtimes/lib/site-packages/usb/control.py
  • runtimes/lib/site-packages/usb/core.py
  • runtimes/lib/site-packages/usb/legacy.py
  • runtimes/lib/site-packages/usb/libloader.py
  • runtimes/lib/site-packages/usb/util.py
  • runtimes/lib/site.py
  • runtimes/lib/sre_compile.py
  • runtimes/lib/sre_constants.py
  • runtimes/lib/sre_parse.py
  • runtimes/lib/stat.py
  • runtimes/lib/string.py
  • runtimes/lib/struct.py
  • runtimes/lib/subprocess.py
  • runtimes/lib/sysconfig.py
  • runtimes/lib/textwrap.py
  • runtimes/lib/threading.py
  • runtimes/lib/token.py
  • runtimes/lib/tokenize.py
  • runtimes/lib/traceback.py
  • runtimes/lib/types.py
  • runtimes/lib/warnings.py
  • runtimes/lib/weakref.py
  • runtimes/libusb/_tocopy/x32_libusb0.dll
    .dll windows:6 windows x86 arch:x86

    16cfa198e44dfce3c5ad03895857845f


    Code Sign


  • runtimes/libusb/_tocopy/x32_libusb0.sys
    .sys windows:6 windows x86 arch:x86

    bbd34d0dbb7e475d51fdadff6b7a0a6e


    Code Sign


  • runtimes/libusb/_tocopy/x64_libusb0.dll
    .dll windows:6 windows x64 arch:x64

    eae5e3d8124867fcc1b4265dbecb5d87


    Code Sign


  • runtimes/libusb/_tocopy/x64_libusb0.sys
    .sys windows:6 windows x64 arch:x64

    f771fcc2fe54680d21562f599db14975


    Code Sign


  • runtimes/libusb/bin/x32_install-filter.exe
    .exe windows:6 windows x86 arch:x86

    a299004fe279f5877a6d9cafc3ee50fa



  • runtimes/libusb/bin/x64_install-filter.exe
    .exe windows:6 windows x64 arch:x64

    ef2a6b24aaedbaa7af3ee919fcdc75bf



  • runtimes/python.exe
    .exe windows:6 windows x86 arch:x86

    e104fbff5217207e5ca021974fb3bd72


    Code Sign


  • runtimes/python3.dll
    .dll windows:6 windows x86 arch:x86


    Code Sign


  • runtimes/python36.dll
    .dll windows:6 windows x86 arch:x86

    d655275e82363beae90d8c1476026043


    Code Sign


  • runtimes/usbvcom.cat
  • runtimes/usbvcom.inf
  • runtimes/usbvcom_brom.cat
  • runtimes/usbvcom_brom.inf
  • runtimes/vcruntime140.dll
    .dll windows:6 windows x86 arch:x86

    bce6cb8176b668cdcb2d40cc40633f64


    Code Sign


  • runtimes/win/lib/net8.0/System.Management.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign
