Overview

overview

7

Static

static

3

ADBAppCont...up.exe

windows7-x64

7

ADBAppCont...up.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2024, 08:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ADBAppControl-1.8.3-setup.exe

  • Size

    5.6MB

  • MD5

    75df4f8849d50a4d76c5f8a88d75a5d6

  • SHA1

    af44436dc25cdf8959b803e8ec7a99990e6a5703

  • SHA256

    b4895632c651e1391f4f705d54a819508abd5713474cb6dfd8e90dca8a957431

  • SHA512

    2a39e58c137cefdd4f84cc356815eaa146d415c6d1ec40936f97507b5386274d6e13459c0b6127d114fd89bd7a94eb0a0e446b92096ce3b427855ac875ecf92b

  • SSDEEP

    98304:jSiovCfIKO0eTda9XUpGihjK445YzDeESU8CySYdKUMP+Pn/VF+:MKfIKOf6XUQOHzDeEkSY8UMP+ff+

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ADBAppControl-1.8.3-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\ADBAppControl-1.8.3-setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2720
    • C:\Users\Admin\AppData\Local\Temp\is-7RRB5.tmp\ADBAppControl-1.8.3-setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-7RRB5.tmp\ADBAppControl-1.8.3-setup.tmp" /SL5="$80118,4963524,848384,C:\Users\Admin\AppData\Local\Temp\ADBAppControl-1.8.3-setup.exe"
      2⤵
      • Executes dropped EXE
      PID:1584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-7RRB5.tmp\ADBAppControl-1.8.3-setup.tmp
    Filesize

    2.9MB

    MD5

    ca5cde7e224f649a4c6a11b9b3521b87

    SHA1

    242a633d85110b2a03ac6b447e0674caebbcee77

    SHA256

    60f17f397c7746819f4e60a452f82efa83c17d300fab6049fb42bbe39858735b

    SHA512

    cf5041270450482f2d43d4ca594bb5f674580c660483fdf30ecf31409daea1f2513a9a54c80e2913889f53bb4643480f5636816f77c90b7fe91ed000551de8a1

    Download Submit

  • memory/1584-5-0x0000000002700000-0x0000000002701000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1584-8-0x0000000000400000-0x00000000006FF000-memory.dmp

    Filesize

    3.0MB

    Download

  • memory/1584-11-0x0000000002700000-0x0000000002701000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2720-0-0x0000000000400000-0x00000000004DC000-memory.dmp

    Filesize

    880KB

    Download

  • memory/2720-6-0x0000000000400000-0x00000000004DC000-memory.dmp

    Filesize

    880KB

    Download