831017bde243964c8f47c63f1d14a4602e6961595f0b9e7e06171fa99f4ceb7e | Triage

Sharing

General

Target

Swype + Dragon_3.2.4.3020400.50699.apk
Size

27.6MB
Sample

240430-vmeezsdb72
MD5

d6bc32a71e8da26e48d1b330994ee43f
SHA1

bb41d2933cd8755c7e565b5caf83c1050270694f
SHA256

831017bde243964c8f47c63f1d14a4602e6961595f0b9e7e06171fa99f4ceb7e
SHA512

aa10e3c86d7e5f8c13e2d1f7317585140492cae07d3326da3eb34efc7b9062bf520db6f8c81edc81880a659bdff2af2f11cc9bdf2d4c97ce2358d1a8ea5e171a
SSDEEP

393216:ZVEH2v6vIVoSBICzTNmVqs0Y+U+5p3+L6/9rGHVukMMBm:7EH2AV+Z3JY+U+zl/9KHVukMMY

Score

7^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  Swype + Dragon_3.2.4.3020400.50699.apk
- Size
  
  27.6MB
- MD5
  
  d6bc32a71e8da26e48d1b330994ee43f
- SHA1
  
  bb41d2933cd8755c7e565b5caf83c1050270694f
- SHA256
  
  831017bde243964c8f47c63f1d14a4602e6961595f0b9e7e06171fa99f4ceb7e
- SHA512
  
  aa10e3c86d7e5f8c13e2d1f7317585140492cae07d3326da3eb34efc7b9062bf520db6f8c81edc81880a659bdff2af2f11cc9bdf2d4c97ce2358d1a8ea5e171a
- SSDEEP
  
  393216:ZVEH2v6vIVoSBICzTNmVqs0Y+U+5p3+L6/9rGHVukMMBm:7EH2AV+Z3JY+U+zl/9KHVukMMY
Score

7^/10

discovery evasion impact persistence
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence