Overview
overview
7Static
static
7anymirror-...up.exe
windows7-x64
4anymirror-...up.exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
3$PLUGINSDI...ib.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7$PLUGINSDI...00.dll
windows7-x64
3$PLUGINSDI...00.dll
windows10-2004-x64
3$PLUGINSDIR/nsDui.dll
windows7-x64
3$PLUGINSDIR/nsDui.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDI...7z.dll
windows7-x64
3$PLUGINSDI...7z.dll
windows10-2004-x64
3$PLUGINSDI...ry.dll
windows7-x64
3$PLUGINSDI...ry.dll
windows10-2004-x64
3$PLUGINSDI...ll.exe
windows7-x64
4$PLUGINSDI...ll.exe
windows10-2004-x64
5$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...Vs.dll
windows7-x64
3$PLUGINSDI...Vs.dll
windows10-2004-x64
3$PLUGINSDI...ib.dll
windows7-x64
3$PLUGINSDI...ib.dll
windows10-2004-x64
3General
-
Target
anymirror-en-setup.exe
-
Size
5.0MB
-
Sample
241113-tt2nesvfmf
-
MD5
d5ce55cd4d5a1cfb024a925a57affac5
-
SHA1
ff77825f43279d43c5472900370e69ae76125bc4
-
SHA256
f2c0b14087985e4ab59152e15ec6c5933a996985196592c4671789bb6bd0634a
-
SHA512
fa6b6ee1683a35928c72b3c4c842c61c69a5a46614a9a8e2190c2a38282a7f4744978ae79ae641ecb9891fe082dda967f8d595989bfef94d129359bbbde42e5a
-
SSDEEP
98304:G+Ei+ZME4oSsNm2r/6p1o9Djk5Mo7zxcurCZTLV/opu0b2Ej83KflSpi/ang:G+Ei+ZMEL/6s5IqUPg9/oM0CEwafmG4g
Behavioral task
behavioral1
Sample
anymirror-en-setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
anymirror-en-setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20241023-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/dotNetFx45_Full_setup.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win7-20241023-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/msvcr100.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsDui.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsDui.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win7-20241023-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/nsis7z.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
$PLUGINSDIR/registry.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
$PLUGINSDIR/registry.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
$PLUGINSDIR/uninstall.exe
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
$PLUGINSDIR/uninstall.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
$PLUGINSDIR/BgWorker.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win7-20241010-en
Behavioral task
behavioral30
Sample
$PLUGINSDIR/CheckProVs.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
$PLUGINSDIR/GoogleTracingLib.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
anymirror-en-setup.exe
-
Size
5.0MB
-
MD5
d5ce55cd4d5a1cfb024a925a57affac5
-
SHA1
ff77825f43279d43c5472900370e69ae76125bc4
-
SHA256
f2c0b14087985e4ab59152e15ec6c5933a996985196592c4671789bb6bd0634a
-
SHA512
fa6b6ee1683a35928c72b3c4c842c61c69a5a46614a9a8e2190c2a38282a7f4744978ae79ae641ecb9891fe082dda967f8d595989bfef94d129359bbbde42e5a
-
SSDEEP
98304:G+Ei+ZME4oSsNm2r/6p1o9Djk5Mo7zxcurCZTLV/opu0b2Ej83KflSpi/ang:G+Ei+ZMEL/6s5IqUPg9/oM0CEwafmG4g
Score5/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
36KB
-
MD5
d8fca35ff95fe00a7174177181f8bd13
-
SHA1
fbafea4d2790dd2c0d022dfb08ded91de7f5265e
-
SHA256
ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c
-
SHA512
eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba
-
SSDEEP
768:IWXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZV:8Smh9/BumTlg4kOZ+Kz
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
ca332bb753b0775d5e806e236ddcec55
-
SHA1
f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
-
SHA256
df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
-
SHA512
2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
-
SSDEEP
192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score3/10 -
-
-
Target
$PLUGINSDIR/dotNetFx45_Full_setup.exe
-
Size
982KB
-
MD5
9e8253f0a993e53b4809dbd74b335227
-
SHA1
f6ba6f03c65c3996a258f58324a917463b2d6ff4
-
SHA256
e434828818f81e6e1f5955e84caec08662bd154a80b24a71a2eda530d8b2f66a
-
SHA512
404d67d59fcd767e65d86395b38d1a531465cee5bb3c5cf3d1205975ff76d27d477fe8cc3842b8134f17b61292d8e2ffba71134fe50a36afd60b189b027f5af0
-
SSDEEP
24576:3idS2cRQNb9dUcyezFSja7zEwA2BH6SEUVGDKX68zuQm6wwr5mAPepC:SQ2cRQh9GexmCxBxVV56CmWQax
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/msvcr100.dll
-
Size
752KB
-
MD5
67ec459e42d3081dd8fd34356f7cafc1
-
SHA1
1738050616169d5b17b5adac3ff0370b8c642734
-
SHA256
1221a09484964a6f38af5e34ee292b9afefccb3dc6e55435fd3aaf7c235d9067
-
SHA512
9ed1c106df217e0b4e4fbd1f4275486ceba1d8a225d6c7e47b854b0b5e6158135b81be926f51db0ad5c624f9bd1d09282332cf064680dc9f7d287073b9686d33
-
SSDEEP
12288:fQmCy3NeRjkpQmj3oaMtQqjoygfXq3kon9IlbgaOxQdVJJ6j5EBKX8hR5:ImCy3VQs9MtLjTgfa3kon9FaOdEz5
Score3/10 -
-
-
Target
$PLUGINSDIR/nsDui.dll
-
Size
2.4MB
-
MD5
02917b9f41149b048d3bddd8fcdbab80
-
SHA1
1eef6b7a4baf7176870393a60a9d55c047630cee
-
SHA256
8872453727bed5cfecd6850cd02c25d35d137267c1b20e6bf29f041c66461ab0
-
SHA512
6df8096bfb7a6658b747b9f2ce08365ecaa546fce091666e3194b95684399f334369569494786abc160c83201350c0361e452949d551dbde42778695f3f05308
-
SSDEEP
49152:0Cy8gk5pcxSVyM4pygtFyjyIyJDbyyh+yaQhy0Cy2x8HUpubJ:07JkNVyFpyIFyuIyBbym+yaQhy5heUp
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
6KB
-
MD5
ec62e1a8d16d8f1b0eb792aa26e5de5c
-
SHA1
faa219618aec99cffb81c312728dc56c1fdc5798
-
SHA256
193d396fc7be5fed9d585de3c43e23d640c1dce725499f0274b3898c248545aa
-
SHA512
cb3f3458cf734ab7b964ed25cac87ff2938292eed9caae1305b2e5975bde885f4d8b06d05d4099ef614982cd55d97e9ddc0f13bbe2cdd9fb642d008788ed3017
-
SSDEEP
96:O7fhZwXd8KgEbAa9PweF1WxD8ZLMJGgmkNp38:/N8KgWAuLWxD8ZAGgmkN
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score3/10 -
-
-
Target
$PLUGINSDIR/nsis7z.dll
-
Size
313KB
-
MD5
06a47571ac922f82c098622b2f5f6f63
-
SHA1
8a581c33b7f2029c41edaad55d024fc0d2d7c427
-
SHA256
e4ab3064f2e094910ae80104ef9d371ccb74ebbeeed592582cf099acd83f5fe9
-
SHA512
04b3d18042f1faa536e1393179f412a5644d2cf691fbc14970f79df5c0594eeedb0826b495807a3243f27aaa0380423c1f975fe857f32e057309bb3f2a529a83
-
SSDEEP
6144:rA9ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm0:r2S165UP4mL/FvBtC8zQdSDmm0
Score3/10 -
-
-
Target
$PLUGINSDIR/registry.dll
-
Size
24KB
-
MD5
2b7007ed0262ca02ef69d8990815cbeb
-
SHA1
2eabe4f755213666dbbbde024a5235ddde02b47f
-
SHA256
0b25b20f26de5d5bd795f934c70447112b4981343fcb2dfab3374a4018d28c2d
-
SHA512
aa75ee59ca0b8530eb7298b74e5f334ae9d14129f603b285a3170b82103cfdcc175af8185317e6207142517769e69a24b34fcdf0f58ed50a4960cbe8c22a0aca
-
SSDEEP
384:W2mvyNjH3rPnAZ4wu2QbnC7qB7PnrvScaeYA4CIDEge/QqL2AQ:/75w/OfrzB4CUxuQfA
Score3/10 -
-
-
Target
$PLUGINSDIR/uninstall.exe
-
Size
1.4MB
-
MD5
f82baaa0b9e9740c8cdf06ba44e97fba
-
SHA1
a88894a9c596a963b97f6adceffaac6cbbec5057
-
SHA256
9c5fd53cc95011b72aecc9c5c76e5cdc8e7f033411f372899aba50f8bd4f8c39
-
SHA512
fe7360a96637ee2a705e5c24d72954ad8a56ca4ceffac7f36456a9ebabf0ba13e9b0fbeaab49e4da348df7a10ad94fe9ed7d32e4d7e335e4dfa01b32cd5780ab
-
SSDEEP
24576:WzZ0ydiAffz/QszBAKiPvEWnkD/zFAN/uY1zj68oMTLO1bccU/wueBFfik:WndzXQvtnmzFAN/uYTdTCKcU/wuWik
Score5/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
$PLUGINSDIR/BgWorker.dll
-
Size
2KB
-
MD5
33ec04738007e665059cf40bc0f0c22b
-
SHA1
4196759a922e333d9b17bda5369f14c33cd5e3bc
-
SHA256
50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
-
SHA512
2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score3/10 -
-
-
Target
$PLUGINSDIR/CheckProVs.dll
-
Size
7KB
-
MD5
62e85098ce43cb3d5c422e49390b7071
-
SHA1
df6722f155ce2a1379eff53a9ad1611ddecbb3bf
-
SHA256
ee7e26894cbf89c93ae4df15bdb12cd9a21f5deacedfa99a01eefe8fa52daec2
-
SHA512
dfe7438c2b46f822e2a810bc355e5226043547608d19d1c70314e4325c06ad9ad63a797905e30d19f5d9a86ee1a6d9c28f525a298731e79dbf6f3d6441179a8e
-
SSDEEP
96:iqCVh8iNqVgRudZczLiJp2tvgaJOnT/323x3XQUPVAm6yBBECtu7ZyvN:9IhJqUudZkLi+bOni3x3X3PVR6yBBfj
Score3/10 -
-
-
Target
$PLUGINSDIR/GoogleTracingLib.dll
-
Size
36KB
-
MD5
d8fca35ff95fe00a7174177181f8bd13
-
SHA1
fbafea4d2790dd2c0d022dfb08ded91de7f5265e
-
SHA256
ad873f1e51e6d033e5507235ec735957256ebeeb0d3f22aa0b57bb4bd0846e4c
-
SHA512
eb530b10f137cb0cdfdcd2c11fd9f50f774e0ce44e9d2da3e755f6a6df24fe6e7525c27b109e3e68e9d3e49a889937a22f4d9d78703b1055a83b8a58808a58ba
-
SSDEEP
768:IWXV2fVEC5h9KclMCumc6plPHY4jq7rOZkdhKZV:8Smh9/BumTlg4kOZ+Kz
Score3/10 -