Overview

overview

10

Static

static

10

ДПС Радар.apk

android-9-x86

10

ДПС Радар.apk

android-10-x64

1

ДПС Радар.apk

android-11-x64

10

Analysis

  • max time kernel
    2013443s
  • max time network
    154s
  • platform
    android_x64
  • resource
    android-x64-arm64-20231215-en
  • resource tags

    androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20231215-enlocale:en-usos:android-11-x64system
  • submitted
    17-12-2023 13:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ДПС Радар.apk

  • Size

    6.7MB

  • MD5

    a147042f304d15cdaad052759ae1c7cb

  • SHA1

    bbcf806778af5177ad7a0c12ceb2d66a91e25c23

  • SHA256

    cb877e127afb8b33024f20b38bb1ed4769e550c3ff1e81511e8b44cb233625bf

  • SHA512

    930160dabbe83baeb1647a444ec091d1aab15d99732e5e5cbc82e3322be2c050affd7e8a646c94320499017d650a2fd15242c09647553df8b6829e29d8059af0

  • SSDEEP

    98304:oXYEwTQPRG6+5c+H7c3f7833DAlAMWLDRdcmiWSRGxMK4PDMVrJaYyCZ2zjcGo:oX5wTQA7c+3mAMa8mZkUOgrAYylzQGo

Score
10/10
smsagentinfostealerspywaretrojan

Malware Config

Extracted

Family

smsagent

C2

https://2913-172-233-49-172.ngrok-free.app

Signatures

  • smsagent

    SmsAgent is an Android malware that targets victim SMS messages using Telegram as its C2.

    trojaninfostealerspywaresmsagent
  • Reads the content of SMS inbox messages. 1 IoCs
    infostealer
  • Acquires the wake lock 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI)

Processes

  • android.com
    1⤵
    • Reads the content of SMS inbox messages.
    • Acquires the wake lock
    PID:4610

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads