b1029b95248846b315689e392a0a490051dbeaab2776547a4b6dcebed3585064 | Triage

Sharing

General

Target

Android_Fastboot__mini_ADB_Drivers.7z
Size

28.0MB
Sample

230916-xztfsafg25
MD5

fba7d7f9a99c09fd175ac8e4902a54e1
SHA1

a39ddb1103be9dedd488a9f5a8f7ef345fa19a47
SHA256

b1029b95248846b315689e392a0a490051dbeaab2776547a4b6dcebed3585064
SHA512

6b06acff457060a29683f1a659e51ffb8f90ea95ae4452c2a34ad33d37532914743c1a8b4669ff3b01fa29a628c7c70aafef0a7bfbf665645bd667ebe6fbc1cd
SSDEEP

786432:T+9J/xUOos35MhicpZ/euMOqVLZIN9ND3r:T+9JKOt5E/Z2uYVl89NLr

Score

7^/10

upx

Malware Config

Targets

- Target
  
  Android Fastboot & mini ADB Drivers/Android ADB Fastboot 1.7.msi
- Size
  
  3.7MB
- MD5
  
  0a1e784597bc17f9b420796a7b931eeb
- SHA1
  
  f2f9d0e17278a3eb9a6428b4cd6a1ca4094f7009
- SHA256
  
  367521fd6b5f361df98a7c5b3809f030b64c431609d7ae4ba2690850ccf11b76
- SHA512
  
  31bde1cd229f178b045429fcfc3b0d0f6f0d9c99e5cc7ec257e638ed3c713852e55f58bbf5bb2bdad2018038f0a69ea3aae066c6c24ea288f83c4ea5023670bb
- SSDEEP
  
  98304:5YwADYeHcczaFB8i99RDGgYQB1mdMgWqO:jASIi9f97B1m6gA
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2
- Target
  
  Android Fastboot & mini ADB Drivers/UniversalAdbDriverSetup.msi
- Size
  
  16.3MB
- MD5
  
  a0b1cc7c5c26044738798ba2e5e8c217
- SHA1
  
  745bb99063748a2f309888467aac70c3c7ef6a2e
- SHA256
  
  4e77e303bba6cf84588bdb6da91f7a875d406f7930cbe9f4d2aae0b643c0c928
- SHA512
  
  2030a9e6cc935b40ac173bdcad434e200c36854b321da4324411e3ac58852445270a7aca379fd7c46ac95bf72a34fa924667cba5c7050af97d42880892e983f4
- SSDEEP
  
  393216:Hc2Ryzq2+0lkPEezmlMUH9n0sEf0/c++oLw525IgfLJ5pz3:azHPKmVB0MUzMw525ljpz
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral3 behavioral4
- Target
  
  Android Fastboot & mini ADB Drivers/adb-setup-1.4.3.exe
- Size
  
  9.2MB
- MD5
  
  8c9085d4f753a2aab26082fd2eb46a8e
- SHA1
  
  eae637085255a1c7d903a880374b20d108a3c38b
- SHA256
  
  ca297f88ae58cc436028e07482e04e429e6bc81eab291cba814aa196d2c4f419
- SHA512
  
  4163b79dda651eaef83408ceac6b6d4cfadb940be816c5261f0decd203324899d40779203eee8734d8616eb14cd5bf3a13bf649977856ac823f3b7723c7629e4
- SSDEEP
  
  196608:cwYvfXDBYhBpeLHe3+EPegZT3VCz0TByC+Py7FU+LCZAsdX3LBO9:3ibBYDey3PFCuByPyhRwxBBI
Score

7^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6