Overview

overview

10

Static

static

10

Whatsapp.apk

android-9-x86

8

Whatsapp.apk

android-10-x64

8

Whatsapp.apk

android-11-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Whatsapp.apk

  • Size

    4.4MB

  • Sample

    240328-cpvkwada4t

  • MD5

    1c5bc63829617ed5e2cbc59f503d12df

  • SHA1

    85c0a467c6ea09917b9a59e495ab0376ee40bd33

  • SHA256

    48568a0d1fc29a2132d9e7bcb13012f24818c0d3b20de3306f24b39d90984128

  • SHA512

    0c1066ef5079f0fc1df4e0ae8e6d0396bd822a6b76f65b6987ffb238d17991241c152125026c7b54fc01df72d90bff61ca0c470066d2f86c58c5d2cbe49cef10

  • SSDEEP

    98304:VzqSZztG88l4t9QVjVDbE5bYmzszB6TH0tYOuqAZ+:VzqOh24t9SjGpnzJYFIw

Score
10/10
spynoteandroidcollectionevasionpersistence

Malware Config

Targets

    • Target

      Whatsapp.apk

    • Size

      4.4MB

    • MD5

      1c5bc63829617ed5e2cbc59f503d12df

    • SHA1

      85c0a467c6ea09917b9a59e495ab0376ee40bd33

    • SHA256

      48568a0d1fc29a2132d9e7bcb13012f24818c0d3b20de3306f24b39d90984128

    • SHA512

      0c1066ef5079f0fc1df4e0ae8e6d0396bd822a6b76f65b6987ffb238d17991241c152125026c7b54fc01df72d90bff61ca0c470066d2f86c58c5d2cbe49cef10

    • SSDEEP

      98304:VzqSZztG88l4t9QVjVDbE5bYmzszB6TH0tYOuqAZ+:VzqOh24t9SjGpnzJYFIw

    Score
    8/10
    collectionevasionpersistence

    • Makes use of the framework's Accessibility service

      Retrieves information displayed on the phone screen using AccessibilityService.

      collectionevasion

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

      evasionpersistence

    • Requests enabling of the accessibility settings.

    • Acquires the wake lock

    behavioral1behavioral2behavioral3

MITRE ATT&CK Matrix

Tasks