93d421b18af345591cb8b3fc3e995f5a9e78221deb0fa1e0474b2b942623d5b6

Analysis

max time kernel
124s
max time network
150s
platform
android_x64
resource
android-x64-20240514-en
resource tags

androidarch:x64arch:x86image:android-x64-20240514-enlocale:en-usos:android-10-x64system
submitted
22-05-2024 11:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

appp.apk
Size

4.4MB
MD5

33e4245b47968b28a760e6bcd4e5b08a
SHA1

4c131ac68de034a5d7d019925228d038794b4f87
SHA256

93d421b18af345591cb8b3fc3e995f5a9e78221deb0fa1e0474b2b942623d5b6
SHA512

806131af5b39066c3f230a6cb1fde20e178febac2d2483d97509ae161c119c4bda93666fb501690201a8ff34dff0c34158d4e238ae61e6f34e0f9010a680be12
SSDEEP

98304:+Wrk8fHunRhCNkweD/YZQXnqyK5tJhAnEF6joPpgKidfXZFFVtcUuxFKKo9:+WrZfOn3CSYEqyQJpLd+Xlvcs19

Score

7^/10

persistence

Malware Config

Signatures

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

Processes:

com.sistemapegasus.pgsmobile

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.sistemapegasus.pgsmobile

com.sistemapegasus.pgsmobile
1⤵
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:5117

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.sistemapegasus.pgsmobile/files/parameters.json

Filesize
47B

MD5
8a48e5c67c4491b2e10faecbe8ab2ce3

SHA1
68d87a088deed86ec89f6e62323298be260671f4

SHA256
c6873a8793a2bcade9336c13406c3b01ce9537a5d65d632627ccbf01ff8ff32a

SHA512
f373eb50d5acdd46213948c389337d9b2676963777feafd60394c407a3916b458b50bf5c605ce22c4767c46819e20ef9d12f81dff1cabcacc4e9f7ae79b93507

Download Submit
/data/data/com.sistemapegasus.pgsmobile/files/parameters.json

Filesize
97B

MD5
37a9b9334f17e9859fae61ef7fb2600a

SHA1
e17b1663b9cdc6cee2963be9a08107ac0ae05f14

SHA256
cfdcfd2df7f942f555107413ec6adb1d39e8decbe0bd92a6b99eee8a2ca68b60

SHA512
a8325dbe4e8bf7656c8bb0c2ccae37362c4f27301098de2ba362f8e380aaebeb6d2c25da30dc0a2ed5ceeb28da52616a53ef31159a261ec296bd0b74f9e6a035

Download Submit
/data/data/com.sistemapegasus.pgsmobile/files/pegasuspedidosmob.db

Filesize
936KB

MD5
bc89434270b2c1420b1977fd478f81d0

SHA1
7035c7ccdd56b74ba0aaccdc3030725387700119

SHA256
1f521b2e833a0278f287606e87f402818cb05bfae9907ef042c15c0f966a7a86

SHA512
6a6e5245efccfd98cb326697c0f5d5e0906098e722e1773c9f83f00f7e166ca86318c98615fba268a447bb951f64683fa8bce87581809dc478a47ba83ae6c3db

Download Submit
/storage/emulated/0/.pgsmobile_NO_BORRAR.raf

Filesize
51B

MD5
b73b6355e6969ab93403554e71cb7ba0

SHA1
78ce896bc7a3e916770dbb9d1dcda80def8609f6

SHA256
047ebdad0e510dd7bff9b43f06180a9d727d8db46b02f52bfc7aba602c12161b

SHA512
adf2ad985c1fe00531d12535346247d102daeb4804283e9a3935a4f2ec0041f89d1aa21b2e129205f2eca7a88086b8bab9f8814ee9e7a4d5a15a32962837f522

Download Submit