General

  • Target

    15.Second.ADB.Installer.v1.5.6.zip

  • Size

    11.7MB

  • Sample

    240614-bmb53syhqf

  • MD5

    cc6366a3f66d7c5568c0aebf2180a5da

  • SHA1

    de0c052e753e08ed950b944798532468cd83aa60

  • SHA256

    6d676f6b73c8785d62184ee04bf5b956532fb59598afbdab0040ad1bccf90f92

  • SHA512

    3c182d0dd16d9cb2841e2ba06c1350e5c8bb099d61ec8d1315366050dcdf55b50e96c53aedf416e67e064d993cb2c2ab1612ed9cfc34f79f2eabbb0091a46f2e

  • SSDEEP

    196608:1WMFYefEtrLtrWG6z3jgGyrb6yDzhrM5Xzc/J1SpnY72TjJeLScZy7/ZftT8HKF3:hYoirFaEbNxM54Lc8k9KSoUj8H4mNkr

Score
8/10

Targets

    • Target

      15 Second ADB Installer v1.5.6.exe

    • Size

      12.0MB

    • MD5

      a4705082d17a2081a47f47a3d28711c7

    • SHA1

      037a52083e8634748224d224e6b068970ec7b6a4

    • SHA256

      6aedb17d951f24fa20496ec01639ad54aa9b82968102cf5ebf2db1426500a2e4

    • SHA512

      6b3d78af4ae025dd19416e12ae3001ae06be91e353f42d1cbb0f4a980e857d8fdf438dded10112b7b5402b13184ff561342ee990f891e62a1b48fcd84f082247

    • SSDEEP

      196608:GOQ7CgNq3j1nlwp8J3BoYzFeGjF/nwqLLkzJ1S1nRp+9H51j3qZLqNjHNpVAZCRm:cCc0j3KsFB5wqUzOf8ZNqxSJAZW2LcU

    Score
    8/10
    • Manipulates Digital Signatures

      Attackers can change the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open source UPX packer or a modified version of it.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Drops file in System32 directory
