Overview
overview
7Static
static
7droidkit-en-setup.exe
windows7-x64
7droidkit-en-setup.exe
windows10-2004-x64
7$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
3$PLUGINSDI...ib.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDI...00.dll
windows7-x64
1$PLUGINSDI...00.dll
windows10-2004-x64
1$PLUGINSDIR/nsDui.dll
windows7-x64
3$PLUGINSDIR/nsDui.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDI...7z.dll
windows7-x64
3$PLUGINSDI...7z.dll
windows10-2004-x64
3$PLUGINSDI...ry.dll
windows7-x64
3$PLUGINSDI...ry.dll
windows10-2004-x64
3$PLUGINSDI...ll.exe
windows7-x64
7$PLUGINSDI...ll.exe
windows10-2004-x64
7$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
3$PLUGINSDI...ib.dll
windows10-2004-x64
3General
-
Target
droidkit-en-setup.exe
-
Size
19.6MB
-
Sample
241110-dmlqmaxpev
-
MD5
8635f94c18c6372a4df1001cac67e366
-
SHA1
c6b35959a3afe487581509ba1853ff93c8e4e5df
-
SHA256
4e7982c1a982141773e2a47f43d0212c6e966457a4f96f7d05f5476d3e18a9af
-
SHA512
f633b6c883909e9d56434020520a4a2def688e3b4f39be69279bf443822d331daf685c90308d0985454039e6af8d14d82bc6e00ba7ff0b053923dad35e0a5f6d
-
SSDEEP
393216:tQ5BRfYlfUtUVISRRAgnu+tqDgfUIsBws6XYbTkrXDTNiDRUGJwPAEWXOO:t4YlfUtUVIS8gnu+tlDYUX3NiDRUGJ24
Behavioral task
behavioral1
Sample
droidkit-en-setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
droidkit-en-setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241010-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win7-20241023-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/msvcp100.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsDui.dll
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsDui.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/uninstall.exe
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/uninstall.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20241023-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
droidkit-en-setup.exe
-
Size
19.6MB
-
MD5
8635f94c18c6372a4df1001cac67e366
-
SHA1
c6b35959a3afe487581509ba1853ff93c8e4e5df
-
SHA256
4e7982c1a982141773e2a47f43d0212c6e966457a4f96f7d05f5476d3e18a9af
-
SHA512
f633b6c883909e9d56434020520a4a2def688e3b4f39be69279bf443822d331daf685c90308d0985454039e6af8d14d82bc6e00ba7ff0b053923dad35e0a5f6d
-
SSDEEP
393216:tQ5BRfYlfUtUVISRRAgnu+tqDgfUIsBws6XYbTkrXDTNiDRUGJwPAEWXOO:t4YlfUtUVIS8gnu+tlDYUX3NiDRUGJ24
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
13KB
-
MD5
8401375a531d44e40b02c0739acf13ec
-
SHA1
2937b881c4a1ceed819dfbe604315e2c1c320e77
-
SHA256
d46ab59420f1eed08f2b4e93d9a2feb0986a5df703e33be0a739b0347c7dd618
-
SHA512
f5bc08b540508b152a4cf0bbe05a1d0c0a82bd512ca59e83d4290ad078f3b4368caa57deac85de42c1b945ec3b908a5b3a7dc863a017801479437595834863d7
-
SSDEEP
192:t9Hsl/C6kSDnicMBT6iiXtIp5F1/wfT/5QyrWrMIoWSx++Xa21R4way:r6ki2/iunF1/wfT3ir2WSx7bL4way
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
18KB
-
MD5
5422e399fabd3a344e8dcc807a48637e
-
SHA1
59b0830698b15993671eb0dd43020041c351deb8
-
SHA256
64e6aad5d6628bc743196a42e28df3f8dc71cdf0d2ad4c250bab872d2a3991c7
-
SHA512
9d102954e0d7bb7e69219a14158e410c18adb85d1cca9e269f3955d3fc5e61b23872313b78d16cd6488eaac0f835b233356152575bf130f8ec91e0d481aa1493
-
SSDEEP
384:qJqUuDf+bOQNnPV5By6ki2/iAV1/wfT3ir2WSx7bLFMGO:q8UA+bfndbd26H3iPmbLFJO
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
46KB
-
MD5
3a914fc853188765010b73ff99834383
-
SHA1
374b9c4bcc852e42e85aab7b142ecdd80f0c40a1
-
SHA256
5b8cadf540dd47d19b1020bf5c0aca1b6d14d9d875b0a5794b432401c60ee5c7
-
SHA512
1e1a26dcb480cae7dc0fb89c0e8b560206b23b85a6f56458e2019af9c67ca9f942e2c75e78052e4e0eebcfff5e7a3c5eafb5538ba776c0a40b39cafee0bce0e7
-
SSDEEP
768:/WXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZVz26e3iPmbLb:zSmh9/BumTlg4kOZ+KzztQ7D
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
22KB
-
MD5
86a488bf743dfab80ff142713adb5d48
-
SHA1
02e4b39f2fa40cd4edcc42cb524dc3ce911bfdac
-
SHA256
3924b57f8993a880d53e1e4e18eb6ba9b5dc610cbb00345c954c7e8a9078c309
-
SHA512
0ed09bcddd5bd13a91e7b99b78e37a01a36d62a29ad74acaacbe0da6446c8523e83ed2c089d2847e4d1ba467da93e2fd2de104feb51bcda445511b334bf932c8
-
SSDEEP
384:h8QIl975eXqlWBrz7YLOl6q6ki2/id91/wfT3ir2WSx7bLo0w4I:hgPgrfYLO8F26s3iPmbLVa
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/msvcp100.dll
-
Size
593KB
-
MD5
d029339c0f59cf662094eddf8c42b2b5
-
SHA1
a0b6de44255ce7bfade9a5b559dd04f2972bfdc8
-
SHA256
934d882efd3c0f3f1efbc238ef87708f3879f5bb456d30af62f3368d58b6aa4c
-
SHA512
021d9af52e68cb7a3b0042d9ed6c9418552ee16df966f9ccedd458567c47d70471cb8851a69d3982d64571369664faeeae3be90e2e88a909005b9cdb73679c82
-
SSDEEP
12288:koBFUsQ1H5FH3YUTd/df0RA7XkNvEKZm+aWodEEiblHN/:dFUsQ1H5FHdGKkNvEKZm+aWodEEcHN/
Score1/10 -
-
-
Target
$PLUGINSDIR/msvcr100.dll
-
Size
809KB
-
MD5
366fd6f3a451351b5df2d7c4ecf4c73a
-
SHA1
50db750522b9630757f91b53df377fd4ed4e2d66
-
SHA256
ae3cb6c6afba9a4aa5c85f66023c35338ca579b30326dd02918f9d55259503d5
-
SHA512
2de764772b68a85204b7435c87e9409d753c2196cf5b2f46e7796c99a33943e167f62a92e8753eaa184cd81fb14361e83228eb1b474e0c3349ed387ec93e6130
-
SSDEEP
12288:QgzGPEett9Mw9HfBCddjMb2NQVmTW75JfmyyKWeHQGoko+1:HzJetPMw9HfBCrMb2Kc6dmyyKWewGzB1
Score1/10 -
-
-
Target
$PLUGINSDIR/nsDui.dll
-
Size
10.0MB
-
MD5
368841af8b0074e348418f106716e603
-
SHA1
75469510665b651b38e3b4fb7c4240722c756126
-
SHA256
3be54dea5aedc0d8d16d6c4bd4e046e2d93bfc550a1a035a94768c2d5901e327
-
SHA512
3804afa3930a90f258a2b4e7106e1d0211e5d4ca6a7f5ba23da11e3908b4e202295ddbcb1ecf1e15215bc9a0aece1a46efad07ad94feddd4f316b0de674c50d5
-
SSDEEP
196608:H1YWSpeHkab9WLMhJuH9E7QfqV9BgtBx2Tr+Z/iYyEuOyWoqeob8VvW:eWBfbQcJudLqV9ByBxP/1o0b
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
17KB
-
MD5
eae60d4807a106d8795c4260bcc9bbee
-
SHA1
13511a9e35c3e20c9b55016a3226a0aae52e15f3
-
SHA256
863cfac6df27d31830edf983e68634860c3a4671303b956cfdf82f5f855b7913
-
SHA512
27f495de634cc10aa5c0b36cb17904ca33d3241a67edc9d062d9a64f50ccf9aaf91a2a99170b43cf1fbd492ba3bbb598aa9a67e28ea41a8f990d3472a3219a71
-
SSDEEP
384:ImKgIWhoAGgmkNW6ki2/i8MbZ+1/wfT3ir2WSx7bLb33:dzEAGLkT26p53iPmbLj
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
15KB
-
MD5
8205bee74d498724aa5508e93c6d21f8
-
SHA1
2564cc3032e59d538826596a88d80c3d022ef595
-
SHA256
382aad28fa439b18d3d41a4652201c1d1542d73ff756a738c4cee6b75ebeca8f
-
SHA512
67c1e7fcfbc03565ddcd0cde4a91104231b30e0e3edbfe338ba5da76085fe849ea2dea199554dd3b25b90ab9722c30fd22399932463ef4a95e6000fcb5ef3ca1
-
SSDEEP
192:gUl64IGsjo6kSDnicMBT6iiXt4/0Xx1/wfT/5QyrWrMIoWSx++Xa21RyoWljGC:/Zt6ki2/i+/M1/wfT3ir2WSx7bLyoWlV
Score3/10 -
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
324KB
-
MD5
257fa9ec6d0cf12f4717dd6e56a876bf
-
SHA1
f4989aa55a6cfd35cac6992184232081fe48f6fe
-
SHA256
e558416adceace0064b2d8c7fb2f880ee685cec167b723ab4ed5573734d798f3
-
SHA512
548b6a2c483942230dc85be303e8fde33a11feb308afa0be605c1a2b9a1c5226c2279e327f4bc96b8fca2be8badff2f49d7ba968a40728886be5d110c4be215a
-
SSDEEP
6144:r49ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm06q78:ruS165UP4mL/FvBtC8zQdSDmm0F78
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
35KB
-
MD5
2e7ced24d47e40e0725e8d80c2d2ba6b
-
SHA1
b74c0fd4d1111bc461558a96720d40adb314a21e
-
SHA256
59120dcdf3315804ecaa8cb76b9cf5ee99f992407f30a11c6df8e23c09294c06
-
SHA512
ba0afcb54ed33265faa45a22ece8ee8f35fe3ee96170bd231e4e11b409330216c95b1a2f360a4d1955c6ef77a45a4c65385047333b2bd46f3e27fbfbfcc19713
-
SSDEEP
384:F2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQf6ki2/iipe1/wC:075w/OfrzB4CUxuQfAP26eZ3iPmbLy
Score3/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
8.2MB
-
MD5
dc81c01374e9543469920d763402b10a
-
SHA1
535e9355a31bd2a06381e67ff24f52953071478a
-
SHA256
87801f6c52b6660a9f1cb8a832a5bbad75f7d086e3c141f547eafd633bd7cb76
-
SHA512
c37cc90e8b1319b5edb0a55f8462f664fa138d80938053b521d0cd713e04f137244b14d03063a2da9e4e3fdd6c4f8e5a219dc36752eb5caf190b5ef2a6204611
-
SSDEEP
196608:JD18/QDptRqcnqnJ1CcWpxriRRpO/fg/OfPTsxnoygd5:Jh8/EtRqcqnJ8WRRp8g/oTXygX
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
13KB
-
MD5
8401375a531d44e40b02c0739acf13ec
-
SHA1
2937b881c4a1ceed819dfbe604315e2c1c320e77
-
SHA256
d46ab59420f1eed08f2b4e93d9a2feb0986a5df703e33be0a739b0347c7dd618
-
SHA512
f5bc08b540508b152a4cf0bbe05a1d0c0a82bd512ca59e83d4290ad078f3b4368caa57deac85de42c1b945ec3b908a5b3a7dc863a017801479437595834863d7
-
SSDEEP
192:t9Hsl/C6kSDnicMBT6iiXtIp5F1/wfT/5QyrWrMIoWSx++Xa21R4way:r6ki2/iunF1/wfT3ir2WSx7bL4way
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
46KB
-
MD5
3a914fc853188765010b73ff99834383
-
SHA1
374b9c4bcc852e42e85aab7b142ecdd80f0c40a1
-
SHA256
5b8cadf540dd47d19b1020bf5c0aca1b6d14d9d875b0a5794b432401c60ee5c7
-
SHA512
1e1a26dcb480cae7dc0fb89c0e8b560206b23b85a6f56458e2019af9c67ca9f942e2c75e78052e4e0eebcfff5e7a3c5eafb5538ba776c0a40b39cafee0bce0e7
-
SSDEEP
768:/WXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZVz26e3iPmbLb:zSmh9/BumTlg4kOZ+KzztQ7D
Score3/10 -