efbcb98be75a60eadfac49b64eba535108d28c417485e641de0c9cdadbc1d213 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

wms.apk
Size

3.4MB
Sample

240521-gpgq8sge92
MD5

a7d4f0e210b20f9aa8dc091daa8e6136
SHA1

066f38cce97bed0cd717ab3ab91147916a24a7f5
SHA256

efbcb98be75a60eadfac49b64eba535108d28c417485e641de0c9cdadbc1d213
SHA512

2b3ed23ea209ae33ef12507ce82db98d61fc51dad818187f2af0f5355f293a8e94684dea5c19c08fa87658cc8a7728dba74670709d0d938e45c4f2d9fafd8907
SSDEEP

49152:pdIPIwJiTZCtKYa6ic4W9O0cCS37dz5hzgRA8BP118xUTvjIyVSrzStLrL7Nz:nCA4w+/O0cCA1hzgRA8BP118UCSVrL5z

Score

7^/10

android discovery persistence

Malware Config

Targets

- Target
  
  wms.apk
- Size
  
  3.4MB
- MD5
  
  a7d4f0e210b20f9aa8dc091daa8e6136
- SHA1
  
  066f38cce97bed0cd717ab3ab91147916a24a7f5
- SHA256
  
  efbcb98be75a60eadfac49b64eba535108d28c417485e641de0c9cdadbc1d213
- SHA512
  
  2b3ed23ea209ae33ef12507ce82db98d61fc51dad818187f2af0f5355f293a8e94684dea5c19c08fa87658cc8a7728dba74670709d0d938e45c4f2d9fafd8907
- SSDEEP
  
  49152:pdIPIwJiTZCtKYa6ic4W9O0cCS37dz5hzgRA8BP118xUTvjIyVSrzStLrL7Nz:nCA4w+/O0cCA1hzgRA8BP118UCSVrL5z
Score

7^/10

discovery persistence
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

behavioral3