General

  • Target

    PersonalMessenger.apk

  • Size

    75.5MB

  • Sample

    230918-q1fsraca22

  • MD5

    eccb8868e7a2f57e7f07ed79b6b6c115

  • SHA1

    3f0d58a6ba8c0518c8df1567ed9761dc9bdc6c77

  • SHA256

    36bfcc34b706c0fb9b6d38e079a1cbf89d759095def7686aea403d79328c4e49

  • SHA512

    64d8881d134ffa8b8973e7fb3e40186a6a6b49ee161595cf84fba1579f55cd2c15816dc7c1377c4496a8e7059501f46b93ef2d1f59ae3c6579184faa0948a694

  • SSDEEP

    786432:WcrVt8DKEy/tPPYBOHkQlvfLX8RLbO0uM8oAffI0mN3OQ7LMa3lQ9eXknxHy:WcrTp1PaAkQlILb0nMO+MkOS

Score
7/10

Targets

    • Target

      PersonalMessenger.apk

    Score
    7/10

    • Acquires the wake lock.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      baseline.prof

    • Size

      1006B

    • MD5

      47a763921d0d7995e9b560ce2bde6dd5

    • SHA1

      f6c2fb0207ddd20ba37ea89bd3617bac1d557fd1

    • SHA256

      602367f4c57f1eefbfe872e9eb49f369a8ebd7ad4a5ce39a3601a1604ddd92e8

    • SHA512

      c86543734fc0d627816a453a1bf13ef71718abedb682e3a04849aabe6dd719fce1cd07e8a35d17d33b218ff749718789f9166d893cfed4be635543ab69aa1db6

    Score
    3/10

    • Target

      baseline.profm

    • Size

      205B

    • MD5

      ed4a7b465662696bb4900080487207b3

    • SHA1

      c616d6039a986fe844d177dcd67bdb703fd98676

    • SHA256

      a2c93b02e8b9d2373ce7ff4a1054c7dc5a2d617a88bd07bd538f47de2d8b9f8e

    • SHA512

      3df0abacd679a44374780cf7c174544359fea584186a784e6a898be1f28a3e18415c22ff0d09f973f518093ba7f0fd68c9417a5f61314f75ca87353fc9c0f7ca

    Score
    3/10
