Overview

overview

10

Static

static

10

32140d662d...21.apk

android-9-x86

10

32140d662d...21.apk

android-10-x64

1

32140d662d...21.apk

android-11-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32140d662d1fea8485d34bcd42ed3f56c410c0a3160d6bdb36a517b1863da821.apk

  • Size

    6.4MB

  • Sample

    231211-pz17magce9

  • MD5

    79d560dcc8f5862b745478e10d311da6

  • SHA1

    df4d9cd0baeb02beb8d910c4222b877d74e05c8e

  • SHA256

    32140d662d1fea8485d34bcd42ed3f56c410c0a3160d6bdb36a517b1863da821

  • SHA512

    3249532a249636b23cb4e232ac8118d18cd8ac8f0c4b0fd0ba4383216650d18ed04e4d6f0f10a5d14443d3698dd7ab45d6e81530b3a595b6d2027365940412c0

  • SSDEEP

    196608:XiwTQLxeffSTHbdNTluzn21mZkJ5AYylzj8/s2Eh:XiwTQVQuVuz2EYAYgzjVh

Score
10/10
smsagentandroidinfostealerspywaretrojan

Malware Config

Extracted

Family

smsagent

C2

https://cc17-172-233-49-172.ngrok-free.app

Targets

    • Target

      32140d662d1fea8485d34bcd42ed3f56c410c0a3160d6bdb36a517b1863da821.apk

    • Size

      6.4MB

    • MD5

      79d560dcc8f5862b745478e10d311da6

    • SHA1

      df4d9cd0baeb02beb8d910c4222b877d74e05c8e

    • SHA256

      32140d662d1fea8485d34bcd42ed3f56c410c0a3160d6bdb36a517b1863da821

    • SHA512

      3249532a249636b23cb4e232ac8118d18cd8ac8f0c4b0fd0ba4383216650d18ed04e4d6f0f10a5d14443d3698dd7ab45d6e81530b3a595b6d2027365940412c0

    • SSDEEP

      196608:XiwTQLxeffSTHbdNTluzn21mZkJ5AYylzj8/s2Eh:XiwTQVQuVuz2EYAYgzjVh

    Score
    10/10
    smsagentinfostealerspywaretrojan

    • smsagent

      SmsAgent is an Android malware that targets victim SMS messages using Telegram as its C2.

      trojaninfostealerspywaresmsagent

    • Reads the content of SMS inbox messages.

      infostealer

    • Acquires the wake lock

    • Queries the unique device ID (IMEI, MEID, IMSI)

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks