General

  • Target

    a280006bb01147124ba4472ecd9206cf102226504b2446fc2371067f6fcf848f

  • Size

    5MB

  • Sample

    220521-p2x8ragdh3

  • MD5

    183d1e2b8a0a22373084c59b4dca8859

  • SHA1

    b7502902b080b6d436441cd1088aea88316768aa

  • SHA256

    a280006bb01147124ba4472ecd9206cf102226504b2446fc2371067f6fcf848f

  • SHA512

    04683667419d629e4d9f87d97ba213ece8c3ec55f589fa906cc60c2daed03748a2f60e1a29e4172fe39195cfa67e1d965843ece17b9a9d6ce25c85e9fb36813c

Score
7/10

Malware Config

Targets

    • Queries the unique device ID (IMEI, MEID, IMSI).

    • Reads information about phone network operator.

    • Uses Crypto APIs (Might try to encrypt user data).

MITRE ATT&CK Matrix

  • Collection

  • Command and Control

  • Credential Access

  • Defense Evasion

  • Discovery

  • Execution

  • Exfiltration

  • Impact

  • Initial Access

  • Lateral Movement

  • Persistence

  • Privilege Escalation