38d517ee15c41d64dc200341548ba92fd96e96e36d74cbcfd1eeed95bb816673 | Triage

Sharing

General

Target

0010_999_1527217862_exfat_1.0.0.r20_x86-64.apk
Size

54KB
Sample

240521-gdtlnaed91
MD5

a6f876324fbac390ddb623ede7f0c20c
SHA1

32f922c199e019c546945f66a20ce2d27887c13c
SHA256

38d517ee15c41d64dc200341548ba92fd96e96e36d74cbcfd1eeed95bb816673
SHA512

c9eba749dc6508c85fec63a910195ebb9a2434ea08b72392514e25b89d569f21800f33bb7afff0f85e436cc9aeeef320d9735343f7a30a3636b493022288d450
SSDEEP

1536:aWhlarx1agy1uEgsmmGattpOoYZHQF4yqC:aWhM91agKgswaXp4ZHW

Score

3^/10

execution linux

Malware Config

Targets

- Target
  
  pre-uninstall.sh
- Size
  
  144B
- MD5
  
  980d4614d4c516be11d232d5717c707f
- SHA1
  
  2ccff34b106b2283d1ba6289f68c45ccfba57d55
- SHA256
  
  1b2931c11917ca2536410fcabf875ac91a49c3a173e3c659537c0bdc5b6a7dbd
- SHA512
  
  4c8e1e32b1046a23b830368fa0dc3ee52cdd1d52fd6db8e0b6c85a41843628b50a6e3b8c77969f1f2554091e34fee74b2b634ff25c580e90aa997aae45e18eb4
Score

1^/10
behavioral1 behavioral2 behavioral3 behavioral4
- Target
  
  start-stop.sh
- Size
  
  795B
- MD5
  
  25ac3232b51bf32753751a8540d8f837
- SHA1
  
  3b1683ef8a189322487830a55524882fb5451239
- SHA256
  
  857542a2a30c142d2cd5fba46b7f390daa59ec6854496c88f892e195e7904863
- SHA512
  
  a62ed60d99b7c186f045e02ac9dd5c956f1297902ffd448b4680044a25b712e2708ed6805153f713e9d6e5f65325c4c805eb76494888392306e84bcc0e836532
Score

1^/10
behavioral5 behavioral6 behavioral7 behavioral8
- Target
  
  bin/exfatctrl
- Size
  
  42KB
- MD5
  
  ea0f3e44b6146082bbb6b51a35bd4929
- SHA1
  
  758c780b9ecfafeb9603e7cfd1f370ca2a6de2ce
- SHA256
  
  33ebc36bdf0873bc60c9e1304db2375197bc47edc99df1105e38a50b6b9d106c
- SHA512
  
  2e9ed80b31f2583b8ddd6a3a2b959071d35cbbb33b78d4cd28ab3e6ffe33c7cde58ca6705b3f6f0fb690cde79faf167db253b801ca383147be317dcfdf5cfa91
- SSDEEP
  
  768:HauGaGAjYXDPMpDlYQZvQ4j1XXGtfYB0THeKx+MPG9lQaG:Hau/YXEZvQO1XXGtQWTHeKx+MSG
Score

1^/10
behavioral9
- Target
  
  webman/exfat.cgi
- Size
  
  46KB
- MD5
  
  cec2d7497c10be3e99f36562df37e729
- SHA1
  
  db92704d7e4176b36d478240e0afc7299f32eb2a
- SHA256
  
  928faaf2454763acf88409dad05ec7e2271d06d1531c8ddb8a7ef394002fcd56
- SHA512
  
  7e179dea4eb9b63097ba60a6af1f8b86af66eb5fc489af797fdd37c4dc68c19ece8de38590cd4495f5c9fd9b97a963df38f4879b9c7b9e620cfa19d1a80ffe06
- SSDEEP
  
  768:a8/T9foZDLaYXDPMpsEgTQAvQ4j1XXGtfYB0THeKx+MmG9Apb8:aXDLaYX8AvQO1XXGtQWTHeKx+MkpA
Score

1^/10
behavioral10
- Target
  
  webman/exfat.js
- Size
  
  26KB
- MD5
  
  f3b36811ab25fc443cc137e83127efdd
- SHA1
  
  3d30c23ab32c7f71b7df755a2be2fd7cae967348
- SHA256
  
  14ddb2686d85ff177819117da4886ab8289659a163f2eb09643f797c9257b001
- SHA512
  
  c3741dbeef4a0ed14a6bd00ae705c72526b1ef2a877e2873521550acb53842fceebf3ca57b5cfbe44250c27238117e96923cfa50cabcdc228bafde70a32b5a07
- SSDEEP
  
  384:dJCDOM9Sfy/b31LIghmI9Hm0iSMAlpHbItYK0YWvn:dJCDOM9Sfy/b32fI01SJlYYK0YWf
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  webman/langs/lang-cs.js
- Size
  
  955B
- MD5
  
  8e080cd3ef0dc74aab96fc7935695216
- SHA1
  
  bc32751b78dbb0e5e43f83b2b7a97e4a51bfbdc0
- SHA256
  
  09e1e708b5a08371e0a6054fb1583f949825d7ac1a16cfe9c4224097812d8a52
- SHA512
  
  ec90ad7aaddb728d293726c6b21df1ba0b9c1f2b121e3c4fcff5e889bbbf9528cc1f61c96e531af8b7c6956d5534dade02286d092e8485d94ada0f0cd313ddae
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  webman/langs/lang-da.js
- Size
  
  985B
- MD5
  
  a8e8c06299c6bf309cdcf702eec3673c
- SHA1
  
  bacda134649d21c5cb0366166018dc140779286d
- SHA256
  
  0d2c5a93d5b8427eb1dc604e9eb11ba5174331a072030d822d4869689e339d55
- SHA512
  
  2ae1f3cf90264c0450475d985bfcb54aec39b8a94cf0ae031dff86711ba145b33543f8e65ca969db7864f64631e4a1278bc3f3150f37b469cd23b5c33b309b19
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  webman/langs/lang-de-DE.js
- Size
  
  1021B
- MD5
  
  20417f9db4244d3b72e6201b65db3c21
- SHA1
  
  f95b7efeca83d0fd83dae5bb8064402ca828928e
- SHA256
  
  c69b757c265e7b2826e41c934a3bb5f5005dc73af84aeca8a66ee089a50526d7
- SHA512
  
  1cde78ea2d0596b70a6fc12d3dd26f110e59466abc9731030a6aa61fea82c49e3004c6d20b4502518e1a098d6c99af3c8f10579f527e40f418063e6ac4747f93
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  webman/langs/lang-en-US.js
- Size
  
  953B
- MD5
  
  f04393362754dc425daa8a8cf11b5201
- SHA1
  
  10c63849fbd4f4e4e3b306654bd9c9923a9a0445
- SHA256
  
  61e68dcec64567401a2d335f86e3298b0cea09a1870b8994a42178e984cc615f
- SHA512
  
  2fc269689250fcc275242c36fbfee53ee4cddf30b14fa242eebe5de30df8e23e7e5a9a93baa9f5fdbff41f992d08b5991074b815ca6d21890fa92834b0f5dba4
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  webman/langs/lang-es-latino.js
- Size
  
  962B
- MD5
  
  722e8990c95cd8aca66ba5fc221fc810
- SHA1
  
  26b5b4883fd8fcfdfd8eccf3aab5026b6cf80735
- SHA256
  
  81ef0204af54a07664d3cce4e18b18ebed7ab6171ba480871388c6280a3415df
- SHA512
  
  58d53200fe78e301819251955b0af1bb53618b4acdbbea614b44a69710e996e1fcf5322a7f82a09509ec60a869999d40ab906e4d379b0acedfc466e990334854
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  webman/langs/lang-es.js
- Size
  
  995B
- MD5
  
  9afe6086a2fd802ebad126beb4439e0e
- SHA1
  
  5207cc62ee4b0f76343304495b31f44227c8920f
- SHA256
  
  af0053d24fca8523f66d067da76967d6cd51b5ca9365dd90a771aa42a5841077
- SHA512
  
  f9e1dc90b05c77f9e362336fdba3d7f9e421255e762676c99405838368769b3a2e23411ddf9d27e96a18277472a1ee1768b21d7ce1657bc21ed0ca0b202fbe71
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  webman/langs/lang-fi.js
- Size
  
  927B
- MD5
  
  14d14b03a98f36531b267258269dbe80
- SHA1
  
  df98d7b9fa867c5ae2368972b2955f3cb51c3b43
- SHA256
  
  158db3c9497b100a65651f5b05d8cc4dde3dc6e44335319721f5d7d084a2288a
- SHA512
  
  032554da2b17cde50dc1f6953db3d731b7b2353792d4f37cb7dc601ab34ffef9da98abc85a49eb6bc0330cf13a3ad09f233447d1a09c97af6a8eb4cb79c22c7d
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  webman/langs/lang-fr-FR.js
- Size
  
  997B
- MD5
  
  562efea38a0c422a999b3eb29ce1307e
- SHA1
  
  0fc21b44c589307ae6aedef8d54bfdade5e08492
- SHA256
  
  6d4fdb596cdf4820e1ee0d51602bf3c98c17d6e116b224f3bfb9f6a47d60b2bb
- SHA512
  
  603c447fb2cd65ef31c161b5f59bc67bd287a67b9b539defd7c2ae08ad1b29a6dadcf70c49273859e834dffdffac57d6d2647379f0f8269356cb4d6904a80b54
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  webman/langs/lang-hu.js
- Size
  
  981B
- MD5
  
  209c16b2e9d5dea0b5af4f4d695dc6d9
- SHA1
  
  22b60e158154c6e35daf011ecfef4f8d5c26a78a
- SHA256
  
  6580254df2c7cc9872273ded10711c210fbde45661bd7f2fe700ee551cc59bf6
- SHA512
  
  9e380462b5913ba36ffbf70caccec15ccd0d8050f21d9053f9ec66d4de7452f15432e159bde563be76f7b42ccc200f788998ba4522e9a9fadf6a9d92166b7cd5
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  webman/langs/lang-it-IT.js
- Size
  
  1024B
- MD5
  
  3c98a1c3b217e3f30dfb8b54d58ed196
- SHA1
  
  3320f811a0709ebe567ce3b49d74a777bdeb7b1b
- SHA256
  
  bd2d4139a267f0a2f4972cd9147cfec678e74a4924531bb8cb1d53ac8a4331db
- SHA512
  
  bbabf8e9dfdf28cc01753ebd12974337f58ef05da113bb11c2bbb177be6b9dab222c37499a9ba00814517d420886485423dd5788af6c091379b12d0f4964b082
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32