General

  • Target

    767744f41c8feb141369122e5d3d75b636ccc63ecef3865b82e8420ee44ec19b

  • Size

    31.7MB

  • Sample

    240410-n6jeqaaa3x

  • MD5

    babbd2b9f9267b43cd8abf8e6bca5b10

  • SHA1

    79bd0bdfdc3645531c6285c3eb7c24cd0d6b0faf

  • SHA256

    767744f41c8feb141369122e5d3d75b636ccc63ecef3865b82e8420ee44ec19b

  • SHA512

    99471ff424f85d19488e982cc7af0562a02ff9c6dc2bf0fa480fdcaef423a7fbdf4c32bcfee68c51efa46e74e29f8e86907b0550e7445025d547f1949f1250a0

  • SSDEEP

    786432:WB3Em1PXhYsVpTJt9DU86F+VQ5+XoX063L7JE:W5EeXh7XTDy8+kO+Yx3LdE

Malware Config

Extracted

Family

bahamut

C2

https://ft8hua063okwfdcu21pw.de/api/v0.0.1/device/

Targets

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Reads the contacts stored on the device.

    • Reads the content of the call log.

MITRE ATT&CK Mobile v15

Tasks