8a3179b917f4d796b30be0422f1f7af3fc375e0464a633bc6b586e4fecfe27b8 | Triage

Sharing

General

Target

8a3179b917f4d796b30be0422f1f7af3fc375e0464a633bc6b586e4fecfe27b8
Size

19.3MB
Sample

231220-gvdlrsacd3
MD5

3bf9ad6b82f880ad5bfeb1e8b44f2b6d
SHA1

6057f7ffc87fce6900ac800bd07098c0236ffff4
SHA256

8a3179b917f4d796b30be0422f1f7af3fc375e0464a633bc6b586e4fecfe27b8
SHA512

c56acbbfea6ff9782a49117d44f529fca6adcf9f292beade32b4c86b0dea334846f873000573a95d98a404f04a70dc8f24ed3fcc876d850e8e1fc91dbab1c953
SSDEEP

393216:PxpHQ0xKG0R74ePwELM76JJ/er1ITBLqaV3lnW1Uke/ZBjaE+BJr6W9jehzD8qn9:PxJQQu74HEI76LeSZXUWkeR8Eir6W9jk

Score

8^/10

android evasion

Malware Config

Targets

- Target
  
  8a3179b917f4d796b30be0422f1f7af3fc375e0464a633bc6b586e4fecfe27b8
- Size
  
  19.3MB
- MD5
  
  3bf9ad6b82f880ad5bfeb1e8b44f2b6d
- SHA1
  
  6057f7ffc87fce6900ac800bd07098c0236ffff4
- SHA256
  
  8a3179b917f4d796b30be0422f1f7af3fc375e0464a633bc6b586e4fecfe27b8
- SHA512
  
  c56acbbfea6ff9782a49117d44f529fca6adcf9f292beade32b4c86b0dea334846f873000573a95d98a404f04a70dc8f24ed3fcc876d850e8e1fc91dbab1c953
- SSDEEP
  
  393216:PxpHQ0xKG0R74ePwELM76JJ/er1ITBLqaV3lnW1Uke/ZBjaE+BJr6W9jehzD8qn9:PxJQQu74HEI76LeSZXUWkeR8Eir6W9jk
Score

8^/10

evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
- Acquires the wake lock
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2