General
-
Target
SAMTOOLv2.1.1.2.rar
-
Size
5.3MB
-
Sample
230409-wxxjzseb9s
-
MD5
ccaab36f3bc2360a9da8d0e5dd41b9ef
-
SHA1
38266da2dca043bb05aa4dd69a64433c2e2764b1
-
SHA256
25d32aaaf985ce7bb19efb21c0c0cbfd71a454dc4d421131e9faf2e25bc1bba0
-
SHA512
2f871af0cbe66459f9fb07de8fbdae525d75f48e80824e1607857dc15dc5f46e422a5a386593f77fe0757f6eca880fe6c92f57c3485fe895adfce47de005a25a
-
SSDEEP
98304:obLp4Ogr0OVhPk1jNxpbPqg0HstxlNkbOjMybnCFOK:+2XwuNWjrpbPR8stvNkajjeFx
Static task
static1
Behavioral task
behavioral1
Sample
ADB/AdbWinApi.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ADB/AdbWinApi.dll
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
ADB/AdbWinUsbApi.dll
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
ADB/AdbWinUsbApi.dll
Resource
win10v2004-20230221-en
Behavioral task
behavioral5
Sample
ADB/adb.exe
Resource
win7-20230220-en
Behavioral task
behavioral6
Sample
ADB/adb.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
SAMTOOL.exe
Resource
win7-20230220-en
Behavioral task
behavioral8
Sample
SAMTOOL.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
ADB/AdbWinApi.dll
-
Size
95KB
-
MD5
ed5a809dc0024d83cbab4fb9933d598d
-
SHA1
0bc5a82327f8641d9287101e4cc7041af20bad57
-
SHA256
d60103a5e99bc9888f786ee916f5d6e45493c3247972cb053833803de7e95cf9
-
SHA512
1fdb74ee5912fbdd2c0cba501e998349fecfbef5f4f743c7978c38996aa7e1f38e8ac750f2dc8f84b8094de3dd6fa3f983a29f290b3fa2cdbdaed691748baf17
-
SSDEEP
1536:Jwqdq+3pvspmLh8SCykrpTG7kfGHuNezq02XJqo+iFi1yCP:JwqD3L8Tezq0et+ui1y
Score
3/10
-
-
-
Target
ADB/AdbWinUsbApi.dll
-
Size
61KB
-
MD5
0e24119daf1909e398fa1850b6112077
-
SHA1
293eedadb3172e756a421790d551e407457e0a8c
-
SHA256
25207c506d29c4e8dceb61b4bd50e8669ba26012988a43fbf26a890b1e60fc97
-
SHA512
9cbb26e555ab40b019a446337db58770b9a0c9c08316ff1e1909c4b6d99c00bd33522d05890870a91b4b581e20c7dce87488ab0d22fc3c4bbdd7e9b38f164b43
-
SSDEEP
1536:l72doFmOiHizFbPlspcsbj5ZsP+YeTs1p:lSSfN9+YeTs1p
Score
3/10
-
-
-
Target
ADB/adb.exe
-
Size
1.8MB
-
MD5
58f6686b8d212f74f6f960dd4fe7fdb8
-
SHA1
7e6dde019f8174b4d0001402252fa6ce98310c19
-
SHA256
b40abda76f72462483a95321caf431b752b7988de0f92bcb0ba27bf6e3b86bfc
-
SHA512
1ace6cf12d81ea917f3d0b6a7b3b435b32c4cbf0f76006f19613b869352615a2f2f0528dca9e879dd5f910d13bbbfa7ea145cf486c923a137b735016a22fcfd9
-
SSDEEP
49152:m6BoFanJpXxcol5s0rKWwzjIoiU70t7mF8h+bu:JAWJpXxJ5s0rKWwzjIoiU7nu
Score
1/10
-
-
-
Target
SAMTOOL.exe
-
Size
5.0MB
-
MD5
01ec71d7c98cbd68b6bfb26efad47ed6
-
SHA1
0c683f934438391c434e130073aae85ce5cb2c07
-
SHA256
792aa3b430a6f897d5b201553a3421acff0d0a6aacfbf9ddfd6134cafb571cef
-
SHA512
9190286483f90a2f4367ad989f98b440b6c4a6fc02d66610df5d3eec9fd4b5fd1106c48f47c0735953644ea5cfdc80b84c7bd3ee7e9f7f61745fcb7ccde441d3
-
SSDEEP
98304:EKUNmlnsLSU/hsNLqeAhGB69t5QZPcN1XrbtBv3Y97fDh6/bGS:wIlslu1go0taZEfYpfk/
Score
7/10
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-