3647d81859e4b44ee4f32ad2cda1178898d8c0cedfdbd26055d1373288d247ba | Triage

Sharing

General

Target

rookie_2.28_portable.zip
Size

1.0MB
Sample

240429-cnrgtsfc36
MD5

5a51d9ca0f1c4f315a731521af901e2f
SHA1

139c7f786e68c3b75b3278ebfdd21b6e4a3bd5a1
SHA256

3647d81859e4b44ee4f32ad2cda1178898d8c0cedfdbd26055d1373288d247ba
SHA512

0a1697ed7f4b9513048aad523cf3ccf57c28621729280dd699ba35fe0f863d7f1850c3a43206f4a79215dc0463d38c4d7ca86275ddd1048e991bcd6f2d0d4e4e
SSDEEP

24576:CnouQhp61JpwDauxFS0bBYzpFzA/JTNpu1aOJ+QBmloQ5XUlm+nr:CnouQT6JwDaU80bB8M/JppzOoQKouXcB

Score

8^/10

Malware Config

Targets

- Target
  
  AndroidSideloader v2.28.exe
- Size
  
  4.0MB
- MD5
  
  20947cc58e2add3e4b157273bad06541
- SHA1
  
  24e769605cf998cfb88b7425fbce274389040ab1
- SHA256
  
  989ebdeb5fc4114b6db0fc7f29e44e63ad42ece9842ca99a872fba33033f99bb
- SHA512
  
  896009a698abfcfabe0776bab2ebd3e570b0e3bd550b419241e1c5706940498a9fc1ca41b0b6352248a148781498d640d5d9c37381f2585978761a447820b296
- SSDEEP
  
  12288:QYGiwTOrVwTOnwTOnwTO9xpwTO/HwTOnwTOmEoyyN302V8gvp5bu9TlLfUTdwq1e:QY9jV//Ppn/0yyNEwJvvbuhZUTd+h
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3