8675b8bc5960da9a346476366fc9265de3fa9f9dda7bdcd293898af394996f05

Analysis

max time kernel
78s
max time network
81s
platform
android_x86
resource
android-x86-arm-20240506-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240506-enlocale:en-usos:android-9-x86system
submitted
08-05-2024 15:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Vpn For Brawl.apk
Size

548KB
MD5

373ffe6af0fdd084b1eb262be4e0ba44
SHA1

32348b21a46f32812665fbd2bd9d1789129afde8
SHA256

8675b8bc5960da9a346476366fc9265de3fa9f9dda7bdcd293898af394996f05
SHA512

63893eb79e043ca4fbf0b242357dfbf5142a17f3767428d10a053e9e0ee847314e1481a2db07010bb85deaa0f061b6491a071ed3f088520c8074578d26bc5e07
SSDEEP

12288:9cVS3EVqPlR6i0Ci3jM34D9PwUwFFHi+UV/nBumiVxDTm+1hAovIR1s:9OS3EW6i0C+M3SPCFNi+UbumirDrqQIA

Score

8^/10

collection evasion impact privilege_escalation stealth trojan

Malware Config

Signatures

Removes its main activity from the application launcher 1 TTPs 1 IoCs

stealth trojan evasion

Suppress Application Icon

T1628.001

pid	Process
4240	com.elite

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	com.elite

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

T1626.001

Account Access Removal

T1640

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.elite

com.elite
1⤵
- Removes its main activity from the application launcher
- Reads the contacts stored on the device.
- Tries to add a device administrator.
PID:4240

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

T1626

Device Administrator Permissions

T1626.001

Defense Evasion

Hide Artifacts

T1628

Suppress Application Icon

T1628.001

Credential Access

Discovery

Lateral Movement

Collection

Protected User Data

T1636

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Account Access Removal

T1640

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads