Overview

overview

10

Static

static

10

Telegram.apk

android-10-x64

1

Telegram.apk

android-11-x64

10

Telegram.apk

android-13-x64

10

Telegram.apk

android-9-x86

10

Resubmissions

29/05/2024, 07:27

240529-jal4hsfg67 7

17/02/2024, 16:25

240217-tw8vhsgf7s 10

16/02/2024, 10:12

240216-l812fagc8z 10

Sharing

Copy URL Twitter E-mail

General

  • Target

    Telegram.apk

  • Size

    70.9MB

  • Sample

    240216-l812fagc8z

  • MD5

    f1fe51f26374ecabc9b22248602b4f2b

  • SHA1

    98994636bdce2ea6c1e04cf4802f247f7923368f

  • SHA256

    e1abb68ae121dbea18a67dfa87f1fc260b93136c507dc34e6bcc39ca6b018b13

  • SHA512

    ae1350472e09a9b2f5038d52f09fddf20a7dabfaa10b4a9b5d4f49f9a27f467d048ae290632c49c0c3b7fcbd6f2ae09a0809061b23fd11902a22430f51c9d0a1

  • SSDEEP

    1572864:PBghAeDxa/b8SiFnCpRXj51QjQvx5X0GQFjm6L:PAANThiFCpRz5YQ3Dajm6L

Score
10/10
badbazaarandroidcollectioninfostealerspywaretrojan

Malware Config

Targets

    • Target

      Telegram.apk

    • Size

      70.9MB

    • MD5

      f1fe51f26374ecabc9b22248602b4f2b

    • SHA1

      98994636bdce2ea6c1e04cf4802f247f7923368f

    • SHA256

      e1abb68ae121dbea18a67dfa87f1fc260b93136c507dc34e6bcc39ca6b018b13

    • SHA512

      ae1350472e09a9b2f5038d52f09fddf20a7dabfaa10b4a9b5d4f49f9a27f467d048ae290632c49c0c3b7fcbd6f2ae09a0809061b23fd11902a22430f51c9d0a1

    • SSDEEP

      1572864:PBghAeDxa/b8SiFnCpRXj51QjQvx5X0GQFjm6L:PAANThiFCpRz5YQ3Dajm6L

    Score
    10/10
    badbazaarcollectioninfostealerspywaretrojan

    • BadBazaar

      BadBazaar is an Android spyware used by GREF APT group.

      spywareinfostealertrojanbadbazaar

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Reads the contacts stored on the device.

      collection

    • Acquires the wake lock

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Mobile v15

Tasks