Resubmissions

26/04/2024, 04:54 UTC

240426-fjvkgaab47 10

05/01/2024, 01:07 UTC

240105-bg639sfhh5 10

Analysis

  • max time network
    7s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags
    android, arch:arm64, arch:x64, image:android-33-x64-arm64-20240229-en, locale:en-us, os:android-13-x64, system
  • submitted
    26/04/2024, 04:54 UTC

Errors

Reason
Payload did not run: unable to install sample.

Error: Unable to open file: Pegasus/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a.apk
Consider using a file under /data/local/tmp/
Error: Can't open file: Pegasus/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a.apk

Exception occurred while executing 'install':
java.lang.IllegalArgumentException: Error: Can't open file: Pegasus/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a.apk
    at com.android.server.pm.PackageManagerShellCommand.setParamsSize(PackageManagerShellCommand.java:608)
    at com.android.server.pm.PackageManagerShellCommand.doRunInstall(PackageManagerShellCommand.java:1442)
    at com.android.server.pm.PackageManagerShellCommand.runInstall(PackageManagerShellCommand.java:1408)
    at com.android.server.pm.PackageManagerShellCommand.onCommand(PackageManagerShellCommand.java:221)
    at com.android.modules.utils.BasicShellCommandHandler.exec(BasicShellCommandHandler.java:97)
    at android.os.ShellCommand.exec(ShellCommand.java:38)
    at com.android.server.pm.PackageManagerService$IPackageManagerImpl.onShellCommand(PackageManagerService.java:5964)
    at android.os.Binder.shellCommand(Binder.java:1049)
    at android.os.Binder.onTransact(Binder.java:877)
    at android.content.pm.IPackageManager$Stub.onTransact(IPackageManager.java:4313)
    at com.android.server.pm.PackageManagerService$IPackageManagerImpl.onTransact(PackageManagerService.java:5948)
    at android.os.Binder.execTransactInternal(Binder.java:1285)
    at android.os.Binder.execTransact(Binder.java:1244)
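The stack trace shows the on-device package manager service (PackageManagerShellCommand.setParamsSize) trying to open the relative path "Pegasus/…apk", which exists on the submitting host, not inside the emulator, so `pm install` never sees the APK. The usual fix when re-running such a sample by hand is to push the file to /data/local/tmp (readable by the shell user, as the error itself suggests) and install from there. The script below is an added example, not the sandbox's own tooling; it assumes `adb` is on PATH with one emulator attached, and the SAMPLE_* strings are constructed from the error text above so the output classifier can be checked with no device present.

```shell
#!/bin/sh
# Added example (not the sandbox's code): install an APK from a path the
# emulator's shell user can read, and classify `pm install` output.
# Assumes `adb` is on PATH and exactly one device/emulator is attached.

# Classify the text printed by `adb shell pm install ...`.
# Prints one of: ok | unreadable-path | parse-error | failed
classify_pm_output() {
    out="$1"
    case "$out" in
        *Success*) echo ok ;;
        *"Can't open file"*|*"Unable to open file"*) echo unreadable-path ;;
        *INSTALL_PARSE_FAILED*) echo parse-error ;;
        *) echo failed ;;
    esac
}

# Push the APK into /data/local/tmp and install it from there. Handing
# `pm install` a host-side path produces the "Can't open file" error
# shown in the report above, because the package manager opens the
# path inside the emulator, not on the submitting host.
install_apk() {
    apk="$1"
    [ -r "$apk" ] || { echo "host file not readable: $apk" >&2; return 2; }
    remote="/data/local/tmp/$(basename "$apk")"
    adb push "$apk" "$remote" >/dev/null || return 2
    # -r: replace an existing install; -t: allow test-only packages
    out=$(adb shell pm install -r -t "$remote" 2>&1)
    status=$(classify_pm_output "$out")
    adb shell rm -f "$remote" >/dev/null 2>&1
    echo "$status"
    [ "$status" = ok ]
}

# Constructed strings (not captured from a device) mirroring the report's
# error and a successful install, for checking the classifier offline.
SAMPLE_ERR="Error: Unable to open file: Pegasus/x.apk Consider using a file under /data/local/tmp/ Error: Can't open file: Pegasus/x.apk"
SAMPLE_OK="Performing Streamed Install
Success"

# Usage: ./install_apk.sh path/to/sample.apk
if [ -n "${1-}" ] && command -v adb >/dev/null 2>&1; then
    install_apk "$1"
fi
```

Treat an `unreadable-path` result as "the sample never ran" rather than as a property of the sample: nothing in the emulator executed, so any score or network summary produced afterwards describes only the image's baseline activity.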

General

  • Target

    Pegasus/bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a.apk

  • Size

    1.1MB

  • MD5

    8d4b77fa3546149f25bd17357d41fbf0

  • SHA1

    7289737c1dc462726abbe89335a7702c130bbdcc

  • SHA256

    bd8cda80aaee3e4a17e9967a1c062ac5c8e4aefd7eaa3362f54044c2c94db52a

  • SHA512

    a9a10115072a66d89158a09649ace3702bee021a47195aec0d6046bdf8fae8927b3d36d0a6d7a7302125b5f06d711419390edf2da3c3fbd11a5a3228e6abd9ff

  • SSDEEP

    24576:RkVMvDz5Q6P8aJnB94XqMOkkXLjD+F5VCq7ncRL4GchuT:qKvDlhP8aj9bMvk7jDJqTmsGch0

Score
1/10
Note: the sample was never installed (see Errors), so this score and the empty Signatures, Processes and ATT&CK sections reflect only the emulator's background activity, not the APK's behaviour. The traffic under Network (the play.googleapis.com connectivity check, the port 5228 Google services connection and mDNS on 224.0.0.251) is what an idle Android 13 image generates on its own; a low score on a run that did not execute the payload is not evidence that the file is benign.

Malware Config

Signatures

Processes

Network

  • GET http://play.googleapis.com/generate_204
    Remote address: 172.217.169.74:80
    Request
    GET /generate_204 HTTP/1.1
    Connection: close
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.32 Safari/537.36
    Host: play.googleapis.com
    Accept-Encoding: gzip
    Response
    HTTP/1.1 204 No Content
    Content-Length: 0
    Cross-Origin-Resource-Policy: cross-origin
    Date: Fri, 26 Apr 2024 04:55:30 GMT
    Connection: close

  Connections (bytes and packet counts as listed in the report):

  Remote address        Domain                Proto  Bytes           Packets
  64.233.166.188:5228   -                     tls    128 B / 40 B    2 / 1
  142.250.178.4:443     www.google.com        tls    1.0kB / 4.7kB   8 / 7
  142.250.178.4:443     -                     -      260 B           5
  142.250.178.4:443     www.google.com        tls    971 B / 4.7kB   8 / 5
  142.250.178.4:443     www.google.com        tls    1.0kB / 4.7kB   8 / 8
  172.217.169.74:80     play.googleapis.com   http   545 B / 414 B   6 / 5
                        (GET /generate_204, response 204)
  142.250.178.4:443     -                     https  622 B / 70 B    7 / 1
  224.0.0.251:5353      -                     -      1.3kB           5
  142.250.178.4:443     -                     https  3.1kB / 6.0kB   7 / 5
  142.250.178.4:443     -                     https  2.8kB / 6.0kB   4 / 5

MITRE ATT&CK Matrix
