41598d808337fd55b468013946f2eef5c99a52807b606f50145174beb69446fa | Triage

Sharing

General

Target

tv-phones.apk
Size

23.0MB
Sample

230308-gphnjaec65
MD5

4838a8d6fd532c09766968caa957fa71
SHA1

9c5480b85127f3f7520a8751c41ac6217340a01c
SHA256

41598d808337fd55b468013946f2eef5c99a52807b606f50145174beb69446fa
SHA512

9c03988f726c80f096b54d2f4b5d867ad0944e403da332bd3ab921169bc21822009f9d77ba8c6b56aa40cb238d91c74da0f148f40d571531d3a43ecf506b1f41
SSDEEP

393216:FNR1I1Iyy5goOQUux7hiTIWQrAW1OLUxQBO1jXnBUmSAxXdQTcVb82oRSO0jeecL:FNbIFOcQUeti0t1XxQwN3BUmSAldSE8P

Score

8^/10

android banker

Malware Config

Targets

- Target
  
  tv-phones.apk
- Size
  
  23.0MB
- MD5
  
  4838a8d6fd532c09766968caa957fa71
- SHA1
  
  9c5480b85127f3f7520a8751c41ac6217340a01c
- SHA256
  
  41598d808337fd55b468013946f2eef5c99a52807b606f50145174beb69446fa
- SHA512
  
  9c03988f726c80f096b54d2f4b5d867ad0944e403da332bd3ab921169bc21822009f9d77ba8c6b56aa40cb238d91c74da0f148f40d571531d3a43ecf506b1f41
- SSDEEP
  
  393216:FNR1I1Iyy5goOQUux7hiTIWQrAW1OLUxQBO1jXnBUmSAxXdQTcVb82oRSO0jeecL:FNbIFOcQUeti0t1XxQwN3BUmSAldSE8P
Score

8^/10

banker
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2