General

  • Target: Android_Fastboot__mini_ADB_Drivers.7z
  • Size: 28.0MB
  • Sample: 240119-shjsssgcem
  • MD5: fba7d7f9a99c09fd175ac8e4902a54e1
  • SHA1: a39ddb1103be9dedd488a9f5a8f7ef345fa19a47
  • SHA256: b1029b95248846b315689e392a0a490051dbeaab2776547a4b6dcebed3585064
  • SHA512: 6b06acff457060a29683f1a659e51ffb8f90ea95ae4452c2a34ad33d37532914743c1a8b4669ff3b01fa29a628c7c70aafef0a7bfbf665645bd667ebe6fbc1cd
  • SSDEEP: 786432:T+9J/xUOos35MhicpZ/euMOqVLZIN9ND3r:T+9JKOt5E/Z2uYVl89NLr

Score: 8/10

Malware Config

Targets

    • Target: Android Fastboot & mini ADB Drivers/Android ADB Fastboot 1.7.msi
    • Size: 3.7MB
    • MD5: 0a1e784597bc17f9b420796a7b931eeb
    • SHA1: f2f9d0e17278a3eb9a6428b4cd6a1ca4094f7009
    • SHA256: 367521fd6b5f361df98a7c5b3809f030b64c431609d7ae4ba2690850ccf11b76
    • SHA512: 31bde1cd229f178b045429fcfc3b0d0f6f0d9c99e5cc7ec257e638ed3c713852e55f58bbf5bb2bdad2018038f0a69ea3aae066c6c24ea288f83c4ea5023670bb
    • SSDEEP: 98304:5YwADYeHcczaFB8i99RDGgYQB1mdMgWqO:jASIi9f97B1m6gA

    Score: 7/10

    • Loads dropped DLL
    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.

    • Target: Android Fastboot & mini ADB Drivers/UniversalAdbDriverSetup.msi
    • Size: 16.3MB
    • MD5: a0b1cc7c5c26044738798ba2e5e8c217
    • SHA1: 745bb99063748a2f309888467aac70c3c7ef6a2e
    • SHA256: 4e77e303bba6cf84588bdb6da91f7a875d406f7930cbe9f4d2aae0b643c0c928
    • SHA512: 2030a9e6cc935b40ac173bdcad434e200c36854b321da4324411e3ac58852445270a7aca379fd7c46ac95bf72a34fa924667cba5c7050af97d42880892e983f4
    • SSDEEP: 393216:Hc2Ryzq2+0lkPEezmlMUH9n0sEf0/c++oLw525IgfLJ5pz3:azHPKmVB0MUzMw525ljpz

    Score: 8/10

    • Manipulates Digital Signatures
      Attackers can apply techniques such as changing the Authenticode and cryptography registry keys so that their binary is treated as validly signed.
    • Executes dropped EXE
    • Loads dropped DLL
    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.
    • Drops file in System32 directory

    • Target: Android Fastboot & mini ADB Drivers/adb-setup-1.4.3.exe
    • Size: 9.2MB
    • MD5: 8c9085d4f753a2aab26082fd2eb46a8e
    • SHA1: eae637085255a1c7d903a880374b20d108a3c38b
    • SHA256: ca297f88ae58cc436028e07482e04e429e6bc81eab291cba814aa196d2c4f419
    • SHA512: 4163b79dda651eaef83408ceac6b6d4cfadb940be816c5261f0decd203324899d40779203eee8734d8616eb14cd5bf3a13bf649977856ac823f3b7723c7629e4
    • SSDEEP: 196608:cwYvfXDBYhBpeLHe3+EPegZT3VCz0TByC+Py7FU+LCZAsdX3LBO9:3ibBYDey3PFCuByPyhRwxBBI

    Score: 7/10

    • Checks computer location settings
      Looks up the country code configured in the registry, likely for geofencing.
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file
      Detects executables packed with the UPX open-source packer or a modified variant of it.
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software installed on the system.
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks