b90ff95b4ae1f141c6f9becce2c849db4fba9e0ebbd2ff6f0a7861a6bd45bcb6 | Triage

Sharing

General

Target

ta.apk
Size

4.8MB
Sample

240522-pncpwsbb88
MD5

266346a51fdd14bab856229ee06cbbac
SHA1

a12ad675e66990f329d2e0448c58c83a817cb9fa
SHA256

b90ff95b4ae1f141c6f9becce2c849db4fba9e0ebbd2ff6f0a7861a6bd45bcb6
SHA512

6cba307c5dc0c632dfc8f59c94cbf58b3ce7cd753c35c903b2243c5ca8d022be47c14274a01d97368c6f3fa118c1e90b3ae473a973e27fbb758c35e8e7249f54
SSDEEP

98304:w4pYozRwnk8AHgS0rrs7sA92/D2CEj8Lg1afhL:PyBnk8YcU7L2qPcg12

Score

8^/10

android discovery evasion impact persistence

Malware Config

Targets

- Target
  
  ta.apk
- Size
  
  4.8MB
- MD5
  
  266346a51fdd14bab856229ee06cbbac
- SHA1
  
  a12ad675e66990f329d2e0448c58c83a817cb9fa
- SHA256
  
  b90ff95b4ae1f141c6f9becce2c849db4fba9e0ebbd2ff6f0a7861a6bd45bcb6
- SHA512
  
  6cba307c5dc0c632dfc8f59c94cbf58b3ce7cd753c35c903b2243c5ca8d022be47c14274a01d97368c6f3fa118c1e90b3ae473a973e27fbb758c35e8e7249f54
- SSDEEP
  
  98304:w4pYozRwnk8AHgS0rrs7sA92/D2CEj8Lg1afhL:PyBnk8YcU7L2qPcg12
Score

8^/10

discovery evasion impact persistence
- Checks if the Android device is rooted.
  evasion
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionimpactpersistence

behavioral2

discoveryevasionimpactpersistence

behavioral3

discoveryevasionimpact