Overview
overview
7Static
static
7anyfix-ios...up.exe
windows7-x64
6anyfix-ios...up.exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
$PLUGINSDI...os.dll
windows7-x64
3$PLUGINSDI...os.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
3$PLUGINSDI...ib.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDIR/nsDui.dll
windows7-x64
3$PLUGINSDIR/nsDui.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDI...7z.dll
windows7-x64
3$PLUGINSDI...7z.dll
windows10-2004-x64
3$PLUGINSDI...ry.dll
windows7-x64
3$PLUGINSDI...ry.dll
windows10-2004-x64
3$PLUGINSDI...ll.exe
windows7-x64
4$PLUGINSDI...ll.exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3General
-
Target
anyfix-ios-system-recovery-en-setup.exe
-
Size
7.1MB
-
Sample
240824-d8zvdatbnr
-
MD5
9c3c41d2f9b7d33d38641e85ba0a5fd9
-
SHA1
5e3fc663df59515cdf7eb9c4c0a43130a26689ba
-
SHA256
0609ebd4157f1b0591ab2a98749c0073a479ffae8e3eb5ba560838bb3eaaa0c5
-
SHA512
2a38369f24c28c310e6ed98506fc89177a00e2766a89ed992fca5867bec55f0125aa0403fe619d051044acdf6f0dfe63c230e072e3732693cd51cce43f616a06
-
SSDEEP
98304:2aswfDVoKwsGwFzDXoAgjrpeuUaCp1o9Djk5mfZwg4yCr78VEZ7W9xlWes3bdjOi:2VwVssGOzDXYU/s5IsBwTLQGWblMLs/y
Behavioral task
behavioral1
Sample
anyfix-ios-system-recovery-en-setup.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
anyfix-ios-system-recovery-en-setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/ExecDos.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win7-20240705-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win7-20240704-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsDui.dll
Resource
win7-20240705-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsDui.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240708-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win7-20240729-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240708-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/uninstall.exe
Resource
win7-20240704-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/uninstall.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240708-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
anyfix-ios-system-recovery-en-setup.exe
-
Size
7.1MB
-
MD5
9c3c41d2f9b7d33d38641e85ba0a5fd9
-
SHA1
5e3fc663df59515cdf7eb9c4c0a43130a26689ba
-
SHA256
0609ebd4157f1b0591ab2a98749c0073a479ffae8e3eb5ba560838bb3eaaa0c5
-
SHA512
2a38369f24c28c310e6ed98506fc89177a00e2766a89ed992fca5867bec55f0125aa0403fe619d051044acdf6f0dfe63c230e072e3732693cd51cce43f616a06
-
SSDEEP
98304:2aswfDVoKwsGwFzDXoAgjrpeuUaCp1o9Djk5mfZwg4yCr78VEZ7W9xlWes3bdjOi:2VwVssGOzDXYU/s5IsBwTLQGWblMLs/y
-
Downloads MZ/PE file
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/ExecDos.dll
-
Size
6KB
-
MD5
774e3b33d151413dc826bf2421cd51e8
-
SHA1
ab2928dcf6fa54bb9eb16e5f64bfcffaaeee90fa
-
SHA256
91d5481f576382164703e4ac244052265769377838ac30233ad79c983ed9d454
-
SHA512
3cf955b13e81e4b6edb292df751ce7f64b0cf30979f57b1609f002859b4e68adc046b6674f76f7b7ce7144382316c344c11fed02d638e62fcc8464c32795a365
-
SSDEEP
96:38IgHUv7jr2GJ+dfuitjFVsDtwC6OcgHl7cFi1cyMV7WhWuaW:dCajridfjR6tw1OjHl7cE1KyhWua
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
36KB
-
MD5
d8fca35ff95fe00a7174177181f8bd13
-
SHA1
fbafea4d2790dd2c0d022dfb08ded91de7f5265e
-
SHA256
ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c
-
SHA512
eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba
-
SSDEEP
768:IWXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZV:8Smh9/BumTlg4kOZ+Kz
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
ca332bb753b0775d5e806e236ddcec55
-
SHA1
f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
-
SHA256
df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
-
SHA512
2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
-
SSDEEP
192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/msvcp100.dll
-
Size
593KB
-
MD5
d029339c0f59cf662094eddf8c42b2b5
-
SHA1
a0b6de44255ce7bfade9a5b559dd04f2972bfdc8
-
SHA256
934d882efd3c0f3f1efbc238ef87708f3879f5bb456d30af62f3368d58b6aa4c
-
SHA512
021d9af52e68cb7a3b0042d9ed6c9418552ee16df966f9ccedd458567c47d70471cb8851a69d3982d64571369664faeeae3be90e2e88a909005b9cdb73679c82
-
SSDEEP
12288:koBFUsQ1H5FH3YUTd/df0RA7XkNvEKZm+aWodEEiblHN/:dFUsQ1H5FHdGKkNvEKZm+aWodEEcHN/
Score1/10 -
-
-
Target
$PLUGINSDIR/msvcr100.dll
-
Size
809KB
-
MD5
366fd6f3a451351b5df2d7c4ecf4c73a
-
SHA1
50db750522b9630757f91b53df377fd4ed4e2d66
-
SHA256
ae3cb6c6afba9a4aa5c85f66023c35338ca579b30326dd02918f9d55259503d5
-
SHA512
2de764772b68a85204b7435c87e9409d753c2196cf5b2f46e7796c99a33943e167f62a92e8753eaa184cd81fb14361e83228eb1b474e0c3349ed387ec93e6130
-
SSDEEP
12288:QgzGPEett9Mw9HfBCddjMb2NQVmTW75JfmyyKWeHQGoko+1:HzJetPMw9HfBCrMb2Kc6dmyyKWewGzB1
Score1/10 -
-
-
Target
$PLUGINSDIR/nsDui.dll
-
Size
3.1MB
-
MD5
da277c7997c003698b5fb0b8bb9491bb
-
SHA1
c897c3d8809d9af00ab05cdbd1eb3f35f9e98d23
-
SHA256
e49008ab87c0f707fb2cac811b3a2c74ba82ee7f6e91635f5cf5ed6e3c2c09e7
-
SHA512
cd3b73449bdbfceba3d6975f749d91f9c75b312bebc670aedb2facd42e3c0d3d4775c77bea024d949502278e7539d2052ad96411677fd663961979fa6d456367
-
SSDEEP
49152:dlyjYo1+wiLWDEzNFoZQdHJ9A6ajb5dSr+vWcUsaTXmdQQKNkX:LyP1+kDEzNOWp9A6aBd+q/UBFHG
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
ec62e1a8d16d8f1b0eb792aa26e5de5c
-
SHA1
faa219618aec99cffb81c312728dc56c1fdc5798
-
SHA256
193d396fc7be5fed9d585de3c43e23d640c1dce725499f0274b3898c248545aa
-
SHA512
cb3f3458cf734ab7b964ed25cac87ff2938292eed9caae1305b2e5975bde885f4d8b06d05d4099ef614982cd55d97e9ddc0f13bbe2cdd9fb642d008788ed3017
-
SSDEEP
96:O7fhZwXd8KgEbAa9PweF1WxD8ZLMJGgmkNp38:/N8KgWAuLWxD8ZAGgmkN
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score3/10 -
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
313KB
-
MD5
06a47571ac922f82c098622b2f5f6f63
-
SHA1
8a581c33b7f2029c41edaad55d024fc0d2d7c427
-
SHA256
e4ab3064f2e094910ae80104ef9d371ccb74ebbeeed592582cf099acd83f5fe9
-
SHA512
04b3d18042f1faa536e1393179f412a5644d2cf691fbc14970f79df5c0594eeedb0826b495807a3243f27aaa0380423c1f975fe857f32e057309bb3f2a529a83
-
SSDEEP
6144:rA9ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm0:r2S165UP4mL/FvBtC8zQdSDmm0
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score3/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
304KB
-
MD5
dac3b528233d00e3c2ee268b608fa4c0
-
SHA1
6c632ad2888cd93f2aa2aef0fde309e043c90f31
-
SHA256
0491c06f3771d5cdbe47042e8d40a17914e27a7b668b1d08e28f264b122a4dee
-
SHA512
f1109877a1ddd5e28ebbde7814f97aea530bb6581da4670e91f9593069f182561085cf1432c505261faef9a51564f0058db436998376e056d22b0260163ae0b3
-
SSDEEP
3072:j5szWOITsEL50jl7yI57isGg4oUeO0l2uuuuuuuuuuuuuuuuuuuDXVoE1wA3/FnZ:CzZZDFGg+mtgc/V2fo0xR6X7gpC
Score5/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Defense Evasion
Impair Defenses
1Disable or Modify System Firewall
1Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1