Resubmissions

13/02/2024, 20:20

240213-y4tssagh4t 10

13/02/2024, 19:47

240213-yhg7vsgf4v 10

13/02/2024, 01:31

240213-bxr92sgb6w 10

13/02/2024, 00:52

240213-a77baaha87 10

12/02/2024, 21:58

240212-1vmzzsda2w 10

12/02/2024, 21:45

240212-1mjbtscg6t 10

General

  • Target

    telegram-10-6-5.apk

  • Size

    70.8MB

  • Sample

    240213-yhg7vsgf4v

  • MD5

    944826b97c0b96270d971df9537263b3

  • SHA1

    290f12bd5e391a69cf7925e915fb45ac59e385af

  • SHA256

    47845098925514ce92cb73bf78b4e60d40474d017775428dd4b54d13eab324f7

  • SHA512

    b3009aba39804ffb26fdcd162033d3eb6b8f54b682a87396e773620ea65365d3ec8f4cc3de7280daa7f256dd60453d252dd16f685f288b649caa10e2efe8d34e

  • SSDEEP

    1572864:k61Heua/b8SiFnCpRXj51QjQvxeX0GQmxd:kMHeFThiFCpRz5YQ4DZxd

Targets

    • Target

      telegram-10-6-5.apk

    • BadBazaar

      BadBazaar is an Android spyware used by the GREF APT group.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Acquires the wake lock
