smsworm | 3ec94db19fbaedb63d0b331901d4da6fd7b32026184f74e8ea3650e220532f47 | Triage

Sharing

General

Target

3ec94db19fbaedb63d0b331901d4da6fd7b32026184f74e8ea3650e220532f47
Size

14.8MB
Sample

240318-l5nxpseb36
MD5

4382bc6bd23838059ecb09103b76d4f8
SHA1

2de7fb5549cff3bb04c17a7ca4930c6d7f89f2a5
SHA256

3ec94db19fbaedb63d0b331901d4da6fd7b32026184f74e8ea3650e220532f47
SHA512

273c03e69adb54d6b5c72f53a28e6f4f76d9355675b5185f9dcbbd07494a54192a74ffa3981f11009fbbcbed875d1048b78e21790bb014b9962275246193d2ce
SSDEEP

393216:o0oJyyZ/xsCfcBdJmNo3Oj7SKJMk6Ep8F5FkhnkzUfvOVU:oPyyYYmmEOj0k6pF5Fzc7

Score

10^/10

smsworm android discovery evasion

Malware Config

Targets

- Target
  
  3ec94db19fbaedb63d0b331901d4da6fd7b32026184f74e8ea3650e220532f47
- Size
  
  14.8MB
- MD5
  
  4382bc6bd23838059ecb09103b76d4f8
- SHA1
  
  2de7fb5549cff3bb04c17a7ca4930c6d7f89f2a5
- SHA256
  
  3ec94db19fbaedb63d0b331901d4da6fd7b32026184f74e8ea3650e220532f47
- SHA512
  
  273c03e69adb54d6b5c72f53a28e6f4f76d9355675b5185f9dcbbd07494a54192a74ffa3981f11009fbbcbed875d1048b78e21790bb014b9962275246193d2ce
- SSDEEP
  
  393216:o0oJyyZ/xsCfcBdJmNo3Oj7SKJMk6Ep8F5FkhnkzUfvOVU:oPyyYYmmEOj0k6pF5Fzc7
Score

7^/10

discovery evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion