9994cc0367e3f5513066bf33a19a008062833deb42a7b6e53fffb9ead3272588 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0fe2d2c6669b54290f5e06909d72ddc
Size

10.4MB
Sample

240311-tdetqaeg8s
MD5

c0fe2d2c6669b54290f5e06909d72ddc
SHA1

0459274fca6d1a459e698db87aceee6f63c4ec28
SHA256

9994cc0367e3f5513066bf33a19a008062833deb42a7b6e53fffb9ead3272588
SHA512

06c0f291b1a8f25c1ab35c794f4da01b0b533aa45fea454e418fcc1f20a1f000ce41bf0e861b8fcffe15aea3cd838882ae9be966eba11ff814d03922c7635fcd
SSDEEP

196608:axzqNGUFyQcXxGOZkV5AV0e4lf0fAQEBP95a1kdFhuSYBMwoTs0AW08/:axWNlyQcXFCVMw04Q+IUTeUTDF08/

Score

8^/10

android collection discovery evasion

Malware Config

Targets

- Target
  
  c0fe2d2c6669b54290f5e06909d72ddc
- Size
  
  10.4MB
- MD5
  
  c0fe2d2c6669b54290f5e06909d72ddc
- SHA1
  
  0459274fca6d1a459e698db87aceee6f63c4ec28
- SHA256
  
  9994cc0367e3f5513066bf33a19a008062833deb42a7b6e53fffb9ead3272588
- SHA512
  
  06c0f291b1a8f25c1ab35c794f4da01b0b533aa45fea454e418fcc1f20a1f000ce41bf0e861b8fcffe15aea3cd838882ae9be966eba11ff814d03922c7635fcd
- SSDEEP
  
  196608:axzqNGUFyQcXxGOZkV5AV0e4lf0fAQEBP95a1kdFhuSYBMwoTs0AW08/:axWNlyQcXFCVMw04Q+IUTeUTDF08/
Score

8^/10

collection discovery evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
  collection discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Location Tracking

System Network Configuration Discovery

Lateral Movement

Collection

Location Tracking

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryevasion

behavioral2

collectiondiscoveryevasion