General
-
Target
anyunlock-iphone-password-unlocker-en-setup.exe
-
Size
14.2MB
-
Sample
241110-abh9ksvfmc
-
MD5
7789530e75705212cf2e99c119b73237
-
SHA1
68162ef7f934cc666a928877d87ba5d0efc098cf
-
SHA256
ad4fad7041437165a835858801b8aed8586bcd50647473c57dcb14b54e52178b
-
SHA512
fe53a49763d2e56db5f9fe524cbfa0490cbdb0af357e562c5c135d8f0c1bfd97201f0c4a80e814c641539506f00349bb6dcaed11256547afbe9a3301b40cba2a
-
SSDEEP
393216:ICn8IdMS8p+WVOS/5ABHBoyYwDVzALQyUIE:ICDdMS8p+WASBaB1JzA89
Behavioral task
behavioral1
Sample
anyunlock-iphone-password-unlocker-en-setup.exe
Resource
win11-20241007-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win11-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/SkinnedControls.dll
Resource
win11-20241007-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win11-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win11-20241007-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsExec.dll
Resource
win11-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win11-20241007-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/setup.exe
Resource
win11-20241023-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/uninstall.exe
Resource
win11-20241007-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win11-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win11-20241007-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win11-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/SelfDel.dll
Resource
win11-20241007-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/SkinBtn.dll
Resource
win11-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/System.dll
Resource
win11-20241007-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win11-20241023-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win11-20241007-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/registry.dll
Resource
win11-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/un.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
anyunlock-iphone-password-unlocker-en-setup.exe
-
Size
14.2MB
-
MD5
7789530e75705212cf2e99c119b73237
-
SHA1
68162ef7f934cc666a928877d87ba5d0efc098cf
-
SHA256
ad4fad7041437165a835858801b8aed8586bcd50647473c57dcb14b54e52178b
-
SHA512
fe53a49763d2e56db5f9fe524cbfa0490cbdb0af357e562c5c135d8f0c1bfd97201f0c4a80e814c641539506f00349bb6dcaed11256547afbe9a3301b40cba2a
-
SSDEEP
393216:ICn8IdMS8p+WVOS/5ABHBoyYwDVzALQyUIE:ICDdMS8p+WASBaB1JzA89
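Score 7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
These three signatures describe behaviour that installer packages commonly show as well, so the score alone does not establish that the sample is malicious.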
-
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
18KB
-
MD5
5422e399fabd3a344e8dcc807a48637e
-
SHA1
59b0830698b15993671eb0dd43020041c351deb8
-
SHA256
64e6aad5d6628bc743196a42e28df3f8dc71cdf0d2ad4c250bab872d2a3991c7
-
SHA512
9d102954e0d7bb7e69219a14158e410c18adb85d1cca9e269f3955d3fc5e61b23872313b78d16cd6488eaac0f835b233356152575bf130f8ec91e0d481aa1493
-
SSDEEP
384:qJqUuDf+bOQNnPV5By6ki2/iAV1/wfT3ir2WSx7bLFMGO:q8UA+bfndbd26H3iPmbLFJO
Score3/10 -
-
-
Target
$PLUGINSDIR/SkinnedControls.dll
-
Size
77KB
-
MD5
364bb3c9218429dd1315ad1db47e152d
-
SHA1
3253c1a381161c268bce8c487e892c8e5dd29dc3
-
SHA256
5f7998711ea856730139c4dac403f11b947ed94a464dc6d2d4b22f928c3a8536
-
SHA512
d9084068a259acb9a1691d10da8610053d3abdf6dc78d7357d80d1ac794d940478d2b05c3050484680ddee4c832ae30d71a67b2c2978845e298aca48058e01f6
-
SSDEEP
768:Q0p2dJFs6nYFg0vxrF9jd+IpMCGC8BnmmfJmLVp1aB5tEEThyX7QirbTGgyhTFDK:Q0YsX7vxGjBvJgVTadaXBTeh55axv
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
22KB
-
MD5
86a488bf743dfab80ff142713adb5d48
-
SHA1
02e4b39f2fa40cd4edcc42cb524dc3ce911bfdac
-
SHA256
3924b57f8993a880d53e1e4e18eb6ba9b5dc610cbb00345c954c7e8a9078c309
-
SHA512
0ed09bcddd5bd13a91e7b99b78e37a01a36d62a29ad74acaacbe0da6446c8523e83ed2c089d2847e4d1ba467da93e2fd2de104feb51bcda445511b334bf932c8
-
SSDEEP
384:h8QIl975eXqlWBrz7YLOl6q6ki2/id91/wfT3ir2WSx7bLo0w4I:hgPgrfYLO8F26s3iPmbLVa
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
17KB
-
MD5
eae60d4807a106d8795c4260bcc9bbee
-
SHA1
13511a9e35c3e20c9b55016a3226a0aae52e15f3
-
SHA256
863cfac6df27d31830edf983e68634860c3a4671303b956cfdf82f5f855b7913
-
SHA512
27f495de634cc10aa5c0b36cb17904ca33d3241a67edc9d062d9a64f50ccf9aaf91a2a99170b43cf1fbd492ba3bbb598aa9a67e28ea41a8f990d3472a3219a71
-
SSDEEP
384:ImKgIWhoAGgmkNW6ki2/i8MbZ+1/wfT3ir2WSx7bLb33:dzEAGLkT26p53iPmbLj
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
15KB
-
MD5
8205bee74d498724aa5508e93c6d21f8
-
SHA1
2564cc3032e59d538826596a88d80c3d022ef595
-
SHA256
382aad28fa439b18d3d41a4652201c1d1542d73ff756a738c4cee6b75ebeca8f
-
SHA512
67c1e7fcfbc03565ddcd0cde4a91104231b30e0e3edbfe338ba5da76085fe849ea2dea199554dd3b25b90ab9722c30fd22399932463ef4a95e6000fcb5ef3ca1
-
SSDEEP
192:gUl64IGsjo6kSDnicMBT6iiXt4/0Xx1/wfT/5QyrWrMIoWSx++Xa21RyoWljGC:/Zt6ki2/i+/M1/wfT3ir2WSx7bLyoWlV
Score3/10 -
-
-
Target
$PLUGINSDIR/setup.exe
-
Size
3.3MB
-
MD5
023dfce70301896fb6b2e15eca718549
-
SHA1
64bf799250c2d437b8dd2f0c7c7e6509394565d9
-
SHA256
9140755badab25fcca359fe83f74a4a435ec6136302ddafb489a90f563ad4157
-
SHA512
e47fbb80e62a02018ffd0484e21d9f80bd6469ef0df745d7f5aff7bc5ca91a487bbbcdc2d0a9b0c67352a33c97bced3f0184ba42960f1cf7c6313004fbf4eede
-
SSDEEP
98304:lR41UPttYZbwA2PNb8XxD3GH5X3ng8SCC6akRuLy:M1eY3xbGZXXg8SCv+Ly
Score3/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
11.3MB
-
MD5
3275f97deebe74d4cbe4aab23720c189
-
SHA1
db88a1238247226bad0c3b3684bc09a8c7e59135
-
SHA256
ef1d0a7ede9eeb6966fd6f54821e15a0032e965af96ba9798942d67ae20707cd
-
SHA512
8f6eadcc900c6352f7a936152d99602924c9efe4e33f64b2d7187865428ddc67f7e228edd38ebb044b575d4e829a8eecc29f1a10d6bfe585427755b24b08e177
-
SSDEEP
196608:khKNDpw4uLfIZmDTlbu60Q1aBhUamtyoLu7j+062UjrmXdj8DK30YtUSuCKzP:khKnw4uLfRDTFu67IBNCLK2kdgDK30YA
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
13KB
-
MD5
8401375a531d44e40b02c0739acf13ec
-
SHA1
2937b881c4a1ceed819dfbe604315e2c1c320e77
-
SHA256
d46ab59420f1eed08f2b4e93d9a2feb0986a5df703e33be0a739b0347c7dd618
-
SHA512
f5bc08b540508b152a4cf0bbe05a1d0c0a82bd512ca59e83d4290ad078f3b4368caa57deac85de42c1b945ec3b908a5b3a7dc863a017801479437595834863d7
-
SSDEEP
192:t9Hsl/C6kSDnicMBT6iiXtIp5F1/wfT/5QyrWrMIoWSx++Xa21R4way:r6ki2/iunF1/wfT3ir2WSx7bL4way
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
18KB
-
MD5
5422e399fabd3a344e8dcc807a48637e
-
SHA1
59b0830698b15993671eb0dd43020041c351deb8
-
SHA256
64e6aad5d6628bc743196a42e28df3f8dc71cdf0d2ad4c250bab872d2a3991c7
-
SHA512
9d102954e0d7bb7e69219a14158e410c18adb85d1cca9e269f3955d3fc5e61b23872313b78d16cd6488eaac0f835b233356152575bf130f8ec91e0d481aa1493
-
SSDEEP
384:qJqUuDf+bOQNnPV5By6ki2/iAV1/wfT3ir2WSx7bLFMGO:q8UA+bfndbd26H3iPmbLFJO
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
46KB
-
MD5
3a914fc853188765010b73ff99834383
-
SHA1
374b9c4bcc852e42e85aab7b142ecdd80f0c40a1
-
SHA256
5b8cadf540dd47d19b1020bf5c0aca1b6d14d9d875b0a5794b432401c60ee5c7
-
SHA512
1e1a26dcb480cae7dc0fb89c0e8b560206b23b85a6f56458e2019af9c67ca9f942e2c75e78052e4e0eebcfff5e7a3c5eafb5538ba776c0a40b39cafee0bce0e7
-
SSDEEP
768:/WXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZVz26e3iPmbLb:zSmh9/BumTlg4kOZ+KzztQ7D
Score3/10 -
-
-
Target
$PLUGINSDIR/SelfDel.dll
-
Size
15KB
-
MD5
0975f56f06c5d3680ce1ca46c9ffd583
-
SHA1
87cc2a8dd5b58b734e3dd4c4f7ea1df7c3a90c93
-
SHA256
f9882a63181c93d028c43ff86db4c8927196b5e9bfcbee1d87a8004a37b083cf
-
SHA512
7e292bc659313ecde026ccd6cc239adf8aaeb77ccf2bb806d59900481646ac9350b72d02c86cfa61134952053e40ea4280ee05ef9625deb21053e84da0c9b8e9
-
SSDEEP
384:Vi9ogS6x+TE6ki2/iio1/wfT3ir2WSx7bLS4I:E9ogSE+b26g3iPmbLG
-
ACProtect 1.3x - 1.4x DLL software
Detects a file that is packed or protected with ACProtect software.
-
-
-
Target
$PLUGINSDIR/SkinBtn.dll
-
Size
15KB
-
MD5
0325c49a03baf13592272fec2b36968e
-
SHA1
ab10d9f3b420d7192ce6e3ceb953d94b669bdded
-
SHA256
72ddf9ec65f49d38ed181b4e73e095524d9c83118e6d7ae705227c7351300b95
-
SHA512
9009b5ebd7c45ecf9aa967aeddaf6b7695581ee8e212432eeaefd0777df3fbff41842975e0d09774f01b3b994500299042a004efc030162576cca925bdc0f43c
-
SSDEEP
384:lxSX36ki2/iXmXc51/wfT3ir2WSx7bLVDDjn:cK262Xcu3iPmbLVjn
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
22KB
-
MD5
86a488bf743dfab80ff142713adb5d48
-
SHA1
02e4b39f2fa40cd4edcc42cb524dc3ce911bfdac
-
SHA256
3924b57f8993a880d53e1e4e18eb6ba9b5dc610cbb00345c954c7e8a9078c309
-
SHA512
0ed09bcddd5bd13a91e7b99b78e37a01a36d62a29ad74acaacbe0da6446c8523e83ed2c089d2847e4d1ba467da93e2fd2de104feb51bcda445511b334bf932c8
-
SSDEEP
384:h8QIl975eXqlWBrz7YLOl6q6ki2/id91/wfT3ir2WSx7bLo0w4I:hgPgrfYLO8F26s3iPmbLVa
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
20KB
-
MD5
607d190fafa8284451681b17106130e1
-
SHA1
dbb86e422931fa6864b324f644ba5cb8e8254272
-
SHA256
942dd3d2c5d1057e20ae15662c33997d816f622d2b09364fa1552142ffbae39a
-
SHA512
1bd2a5438ecd4566a1e8efa37a187bd9ac4e22c68fa1d4c413797e144be30511f4cc7b5947d5138df276461eb6de6fb5a2ad2123704b5172e687792561023712
-
SSDEEP
384:UBxzm+t18pZ0WAg0RzIFg46ki2/ih1xW1/wfT3ir2WSx7bL7ezYq:yupZ/Ag05f26xh3iPmbL4P
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
15KB
-
MD5
8205bee74d498724aa5508e93c6d21f8
-
SHA1
2564cc3032e59d538826596a88d80c3d022ef595
-
SHA256
382aad28fa439b18d3d41a4652201c1d1542d73ff756a738c4cee6b75ebeca8f
-
SHA512
67c1e7fcfbc03565ddcd0cde4a91104231b30e0e3edbfe338ba5da76085fe849ea2dea199554dd3b25b90ab9722c30fd22399932463ef4a95e6000fcb5ef3ca1
-
SSDEEP
192:gUl64IGsjo6kSDnicMBT6iiXt4/0Xx1/wfT/5QyrWrMIoWSx++Xa21RyoWljGC:/Zt6ki2/i+/M1/wfT3ir2WSx7bLyoWlV
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
35KB
-
MD5
2e7ced24d47e40e0725e8d80c2d2ba6b
-
SHA1
b74c0fd4d1111bc461558a96720d40adb314a21e
-
SHA256
59120dcdf3315804ecaa8cb76b9cf5ee99f992407f30a11c6df8e23c09294c06
-
SHA512
ba0afcb54ed33265faa45a22ece8ee8f35fe3ee96170bd231e4e11b409330216c95b1a2f360a4d1955c6ef77a45a4c65385047333b2bd46f3e27fbfbfcc19713
-
SSDEEP
384:F2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQf6ki2/iipe1/wC:075w/OfrzB4CUxuQfAP26eZ3iPmbLy
Score3/10 -
-
-
Target
$PLUGINSDIR/un.exe
-
Size
11.7MB
-
MD5
d24750b3221c6c773781e262bb117a84
-
SHA1
0d7eede38e541f18115151736395e24f95b9e4f3
-
SHA256
4f31cc76ab71792c4487795bf2f7d2106a9bbbe24b53ac2af6fcefd8c958b319
-
SHA512
7759a88ef3079f8f6e0e0524416ae360df44eb5506e93b9a7f6348546e5249f76ee339de45cf1820db1c44bf5f316a28f2c150c3627ae784f583a2d1c79c7da5
-
SSDEEP
196608:LKfCvvcESaXBiHaR+EKaIk6xbjkP6ISLdxI/7zvhbYrsCJnDN5PbXy8UO+O4WgDs:LKRWoHaRN5jNP6ISgzpErnD7bXy8h+O/
Score3/10 -