2ce267bc9f667c070be13be256344023b02850182cdb1e91b074464aafd78a9f

Sharing

Copy URL

Twitter E-mail

General

Target

iUnlock GSM Ramdisk.zip
Size

60.6MB
Sample

240706-a12gfsshrf
MD5

f1b5bc044e872cfc036e74e06894034b
SHA1

38848fa4210def84f10c2ae069754470b0d08366
SHA256

2ce267bc9f667c070be13be256344023b02850182cdb1e91b074464aafd78a9f
SHA512

e1b072a27ff3a80c512126f1bbaf8baa25549f52a97e11dac1af80359c17d425b7e85628de7b3b52bba7cd256785e6ad501e04575c43f23f1ba04b74010d68c3
SSDEEP

1572864:PJXiSvT6QvupPDtisHisldVzr+k96uB3er0hIDYcQjlDYBtFt4G68JD:diuOphZHZzZ1Er0lcQhOtFtfB

Score

7^/10

agilenet

Malware Config

Targets

- Target
  
  iUnlock GSM Ramdisk/Guna.UI2.dll
- Size
  
  2.1MB
- MD5
  
  e7f9b23af149df81c5d616d282601f3a
- SHA1
  
  41cbe6fc5f2f8d1cccc83832d5e70d78097ce326
- SHA256
  
  3bdaceaf556de968dc53723fe98d0975ec0b088102f975eb62a1d1d5e6255d3c
- SHA512
  
  c6f321abe39da3c415c7005ddf47c8fe61772b9c50f3e40d529adc3658bcd5c405b1ac18a1475eb6a22af8d59afee1fa51e4b985b30e022319cc4aa7fb05a6d3
- SSDEEP
  
  24576:VFedfqPNDZZmH0bT8rsLezqI97KPNx4ZZOM9MohrmzW3BnU:VFbsATNF0OMRm0Bn
Score

1^/10
behavioral1 behavioral2
- Target
  
  iUnlock GSM Ramdisk/MobileDevice.dll
- Size
  
  71KB
- MD5
  
  faa4962db9d8949a63da273ae417f80e
- SHA1
  
  be566cf7db23958c64df4be45b5ffaed4cbd2248
- SHA256
  
  79fa43bf4576da0e03a6bd99dc5f0ebdf0f83659c4950eb212ec40b11f8784a6
- SHA512
  
  ca3f79b61c6cedd0c7ce205b3641959c5adefff51581880eec979a44aebd389d20c21c5ca3591ee90798209f268f4f1f9aa140385bf83a87e86f8dd47d5fe76c
- SSDEEP
  
  1536:0TjhHrTBtBHpsQFwSsJWmHlxnb3wI7L3NDKo:4hHrbBHpzOLHjnb3waRx
Score

1^/10
behavioral3 behavioral4
- Target
  
  iUnlock GSM Ramdisk/SaaUI.dll
- Size
  
  708KB
- MD5
  
  2b1d72b9e7f757cd9128e023aa10a9db
- SHA1
  
  2a8c88dfd125bf6f87091fea762287aa469e25a1
- SHA256
  
  852e7c660fd789e23dce633fc5e01249af164b79d11f7d8f180df833b6517da0
- SHA512
  
  a0189ddb80ef510a9cc8ac298c3739fd63bfec2196ec4868ec8842c4ff8f9f230a35ae59f3c24b736b3e83407eb8f8bb25ada538f75fa0a9768ef96d9467cb93
- SSDEEP
  
  12288:RWF9ikghaFPKO3KeQRZIvlkxswcXKC2zNWfm2YRm53fI5m:IQaFPKEZX9uWfm2YyA5
Score

1^/10
behavioral5 behavioral6
- Target
  
  iUnlock GSM Ramdisk/Siticone.Desktop.UI.dll
- Size
  
  4.0MB
- MD5
  
  1582aa45d981e0e569c6e05698642b30
- SHA1
  
  763506f312a186c55a04ef6a16ad7e867c394097
- SHA256
  
  21eecaf504b7fe787a45f4aa8f8f36dacfc3ab1d75624dfb41827cdef2a9a589
- SHA512
  
  278a7a4e2b9d82528200b9f92244db3f228187d15c36fd169deb927e343bc4d0bb29c9dba496f86558aea4f4deb44d1e47a41d5598c0b375d99ad9fbe99cec34
- SSDEEP
  
  24576:UCCxPAT4L7h3M7O2MLBSlvTh/aOBteUePU/DU/GHQYazK/DkWoql3zjbndHQ/jzb:WuO2MIThZNwewYDoyG
Score

1^/10
behavioral7 behavioral8
- Target
  
  iUnlock GSM Ramdisk/SunnyUI.Common.dll
- Size
  
  173KB
- MD5
  
  aa67bb3ba94960169fb11e8150243534
- SHA1
  
  fcf512d7a26fc34707426bc0d6711b458130a9ff
- SHA256
  
  9ee94c40816b87d33f80d90206941378ce94e2b366b6351af185ec05e5967331
- SHA512
  
  dfd889d98457d4927eeae9733feeab01f3094889cb371b00ce22f948e4a1fc69d04c82c6b01d5f609999e48df4c6a9471e1f31d51db749a05bbb201e503f5275
- SSDEEP
  
  3072:TOzXeBsKfoCT7iokDr65Hq5Y86nPaqfqlrhu+Xi1leH7:KzXQviokDWT86nzAjXH
Score

1^/10
behavioral10 behavioral9
- Target
  
  iUnlock GSM Ramdisk/System.ComponentModel.Annotations.dll
- Size
  
  42KB
- MD5
  
  7d3d14b0417a68ccdd9c51972ff74863
- SHA1
  
  ceacbd53b6a02e1f7337a6b0058924e1e11949bb
- SHA256
  
  04113c8549185519f3202790ceb23df609644872b9c249a56d2bcf59566102c4
- SHA512
  
  b2d133214f21d700e1af0c248dcc11ef66ea6da62043ff6d5e900fe2a1665d75583e4cd218526a146f2c62e22adf4ca2fa3b8879ae0f5a2e515e2c3a5184ce9c
- SSDEEP
  
  384:GnXppnvYs47bNql0kevR9SDQxSWIfYYL8oRT3KI3lUlBmeEZeTfyDxdQocwc1fVZ:gXDQsPurQcR3y6JOnSHDYFD9VioLQJ
Score

1^/10
behavioral11 behavioral12
- Target
  
  iUnlock GSM Ramdisk/System.Drawing.Common.dll
- Size
  
  52KB
- MD5
  
  3c2445d3095f82ec8a526e7843a98ba9
- SHA1
  
  2f2c9d016ffc2bd7078104234e27ab2b010bd765
- SHA256
  
  ca18383a2070518ae8c3e96cbd1705da283c8ada4ddf396217d2bcb7dcd03103
- SHA512
  
  9cb5564ee52c1b71c732026d0bdb8414c09ba0037e12440f1d122644a977fb95fa4f9c13666053e4fcce811e265f9b8afe60fe1b007d9d2e278cf0d0a8c243fa
- SSDEEP
  
  1536:4JbgUxvrIn01EkO/69KzwmOiGeCcSP8UIrdMe:41xvrInsEkO/AKzwm3C0UOdl
Score

1^/10
behavioral13 behavioral14
- Target
  
  iUnlock GSM Ramdisk/TinyHome.Renci.SshNet.dll
- Size
  
  839KB
- MD5
  
  e3fe09fa4082aaaa44fe48dfb7a07278
- SHA1
  
  fe279f27cbedc614edb84dbe575129d364496eb8
- SHA256
  
  f14fcddf9364b12673ef68a1a138ba07ef34fa3904f1d12a6e99d5cb5f84ad45
- SHA512
  
  94e1ee3569dddb04725a81b77a13fa4a78a560060debced74ce0b85c52632492653a8b389ec5e4720253b56b12f608478d71822d58d86763871153782efb4059
- SSDEEP
  
  12288:stT3F0Lc+SXEhvXx858Rw1r3tkFGlQ89YxpPyiQBCdsUz:ILmLaEq8Re4GDiACB
Score

1^/10
behavioral15 behavioral16
- Target
  
  iUnlock GSM Ramdisk/iTunesMobileDevice.dll
- Size
  
  3.3MB
- MD5
  
  02d42c1b5ecef5c885c6ff0b9282f7e4
- SHA1
  
  154b489bbf3cb7bd0fdf43b15c7269c34dc92ab6
- SHA256
  
  357b70bccc74b20f698ab1428cf65768f6d7c2e0c319a88ed9c607fa6dada3b4
- SHA512
  
  94dbfdb5ae70c96f469cfb4d90a4090fe6db75bdf785a6632c36da2fbe0e6d9797af2cf17de44b2fd6efd12ff5d3dc708cb80758190085c58108d1afea354a36
- SSDEEP
  
  98304:EbL4Qjjg1qOpC0WnIM/NiDw9g+45Cpbdb4WM0c:gLW0DnIM/NiDw9g+452Lc
Score

1^/10
behavioral17 behavioral18
- Target
  
  iUnlock GSM Ramdisk/iUnlock GSM Ramdisk.exe
- Size
  
  1.0MB
- MD5
  
  6ed2e8057953cd5c208fd0868b14a1af
- SHA1
  
  b14da0008f68b18f21f8cde97d54425f797b84a8
- SHA256
  
  726d13a1602c89102bd17660781a2bcd57306570c281f0c71c33268f27f58c79
- SHA512
  
  6c3fcacdb185cf5629ff796a9696bfe1933fd4edb69dc6578cae6374c856aa0b3cbb9b9f219170abc67f4368df28b9e03fa11e9db873ddcf81d8ac1858c06ced
- SSDEEP
  
  12288:KW2vL7h47bT9eyl+tBaDpxM0SLr2+XXXBQp0dlp+5W8spErYrnoLbq1S/JIgN0OX:x2vn8vQraDfmeyLdlG78joLbdDzORM
Score

7^/10

agilenet
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
behavioral19 behavioral20
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/amd64/WdfCoInstaller01009.dll
- Size
  
  1.6MB
- MD5
  
  4da5da193e0e4f86f6f8fd43ef25329a
- SHA1
  
  68a44d37ff535a2c454f2440e1429833a1c6d810
- SHA256
  
  18487b4ff94edccc98ed59d9fca662d4a1331c5f1e14df8db3093256dd9f1c3e
- SHA512
  
  b3d73ed5e45d6f2908b2f3086390dd28c1631e298756cee9bdf26b185f0b77d1b8c03ad55e0495dba982c5bed4a03337b130c76f7112f3e19821127d2cf36853
- SSDEEP
  
  24576:oU4MsColC6Je/ZgY7OOfcEpiRLH87SyVXGe38uKUj+NFVov1PJLfVKZ8F5mEeZWF:BFCsfZRZA6Xn388avVovfLd+Mo4iEF
Score

1^/10
behavioral21 behavioral22
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/amd64/libusbK.dll
- Size
  
  98KB
- MD5
  
  1604ddcdaed9e447f6729ad1689e5630
- SHA1
  
  a9ff1af89dc327fa7da5cf949610fe5fb4893320
- SHA256
  
  0690cd87d0069edac3a867e0b51f379afa77159eda3b45cd02740fc6afb546d8
- SHA512
  
  e12d695e672d05e706e6d8a12aa75b4aba0325ea01a47679553317c27e8dabaa643ef866ecf165c504d5855310afc479c1c4f587ba126ab1337b74d27fd1a279
- SSDEEP
  
  1536:xDSAp/Po23FtPlwmcpEUHG6RywZxei6iVy0Wfx3BbAa9aqAe6iPr:xDSQPlkVrThVofFBHAe6iD
Score

1^/10
behavioral23 behavioral24
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/amd64/winusbcoinstaller2.dll
- Size
  
  979KB
- MD5
  
  246900ce6474718730ecd4f873234cf5
- SHA1
  
  0c84b56c82e4624824154d27926ded1c45f4b331
- SHA256
  
  981a17effddbc20377512ddaec9f22c2b7067e17a3e2a8ccf82bb7bb7b2420b6
- SHA512
  
  6a9e305bfbfb57d8f8fd16edabef9291a8a97e4b9c2ae90622f6c056e518a0a731fbb3e33a2591d87c8e4293d0f983ec515e6a241792962257b82401a8811d5c
- SSDEEP
  
  24576:aAEBXzGJ7fW6hHv62VYeL7WCE3wixdLZWQzMjp:uBXQz/hPzxRwPdcO
Score

1^/10
behavioral25 behavioral26
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/x86/WdfCoInstaller01009.dll
- Size
  
  1.4MB
- MD5
  
  a9970042be512c7981b36e689c5f3f9f
- SHA1
  
  b0ba0de22ade0ee5324eaa82e179f41d2c67b63e
- SHA256
  
  7a6bf1f950684381205c717a51af2d9c81b203cb1f3db0006a4602e2df675c77
- SHA512
  
  8377049f0aaef7ffcb86d40e22ce8aa16e24cad78da1fb9b24edfbc7561e3d4fd220d19414fa06964692c54e5cbc47ec87b1f3e2e63440c6986cb985a65ce27d
- SSDEEP
  
  24576:GjG90oN2lj11mk/22yYzGrarZRm4X5Uh6rVh5LdfBwOyCSQM1fFhSWRA2+:iGtN2h1120R7m4XShYVxfBwrC21fXSz
Score

1^/10
behavioral27 behavioral28
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/x86/libusbK_x86.dll
- Size
  
  82KB
- MD5
  
  bd03c4792f08f0c889441f49df9deb98
- SHA1
  
  157c8395159678a02fe55c1f60683b7d0f8e2a38
- SHA256
  
  e908fb5501d74f810948cacbe476658479f19f4d2aff14f9044f18981be9c6fc
- SHA512
  
  d8683012112ff9486eef436080f31469ef37be97ba12785d5b23c8f3190800645357436777b8b14da5af5c2342ec0aea6b47ba108d85f0fe3f2719e69d2fe90b
- SSDEEP
  
  1536:hiQXmKxOE4TrpFRsDrrywqNUNnzKJmtRwg4Ka9aqAe6MY4m:hiQWLdsDrrywqNUNncjg0Ae6MY4
Score

1^/10
behavioral29 behavioral30
- Target
  
  iUnlock GSM Ramdisk/lib/.GASTER/.AppleMobileDeviceDFUMode/x86/winusbcoinstaller2.dll
- Size
  
  831KB
- MD5
  
  8e7b9f81e8823fee2d82f7de3a44300b
- SHA1
  
  1633b3715014c90d1c552cd757ef5de33c161dee
- SHA256
  
  ebe3b7708dd974ee87efed3113028d266af87ca8dbae77c47c6f7612824d3d6c
- SHA512
  
  9ae37b2747589a0eb312473d895ef87404f4a395a27e15855826a75b4711ea934ca9a2b289df0abe0a8825dec2d5654a0b1603cf0b039fe25662359b730ce1a9
- SSDEEP
  
  12288:cZq3DFVAZjj5h7OqGDqY66s32+0SLqfhA50yWI7yBoM1oGloLwtxJYnPXrmQlT:cZwoP7MYG+pX501zBoC+wtxuPXrmQlT
Score

4^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Obfuscated with Agile.Net obfuscator

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32