triada | 0ab07d0f32d24afbceda6342d3a1f09a4e1a9a59cfd3c7ecef47c72a5093b924 | Triage

Sharing

General

Target

WhatsApp_2.24.2.20-By._SamMods.apk
Size

91.1MB
Sample

240315-whcahafa2y
MD5

da89ada934b18eb084b5fc2c58e067d3
SHA1

472c0ac0f22cabe95251e0790ae6f75b24ff3e02
SHA256

0ab07d0f32d24afbceda6342d3a1f09a4e1a9a59cfd3c7ecef47c72a5093b924
SHA512

16d8d11457f99a1295df786b06efa5633833242b29184fcb2b4d288d01093c833e9b4314352a5b20a44366eab7b041fab3f233eca8aee455f2d216019ce898e4
SSDEEP

1572864:/B6WsmUzdS49MCvBE9dMxyAzr3Y81PapJHXsDLDajNbo1vC2:/B/U5S49MoE9unzM89QDhb0C2

Score

10^/10

triada android discovery evasion

Malware Config

Targets

- Target
  
  WhatsApp_2.24.2.20-By._SamMods.apk
- Size
  
  91.1MB
- MD5
  
  da89ada934b18eb084b5fc2c58e067d3
- SHA1
  
  472c0ac0f22cabe95251e0790ae6f75b24ff3e02
- SHA256
  
  0ab07d0f32d24afbceda6342d3a1f09a4e1a9a59cfd3c7ecef47c72a5093b924
- SHA512
  
  16d8d11457f99a1295df786b06efa5633833242b29184fcb2b4d288d01093c833e9b4314352a5b20a44366eab7b041fab3f233eca8aee455f2d216019ce898e4
- SSDEEP
  
  1572864:/B6WsmUzdS49MCvBE9dMxyAzr3Y81PapJHXsDLDajNbo1vC2:/B/U5S49MoE9unzM89QDhb0C2
Score

7^/10

discovery evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasion