6c883b908f790a2affd13e346282f39e4bb9d46bd3c0d85a94d8d226319ed0b3 | Triage

Sharing

General

Target

Spotify_v8.9.40.509_MOD_mundoperfecto.net.apk
Size

82.0MB
Sample

240523-wn4xpsbc4x
MD5

4c95568afe8cabbb07513f801aebaaf9
SHA1

28af0fcad3cd5615e47967e3ae8f8a86e27d67cc
SHA256

6c883b908f790a2affd13e346282f39e4bb9d46bd3c0d85a94d8d226319ed0b3
SHA512

f0a6d7d5c832281692e970b776fab81e6983bb90e07c538f203c21e29641717bb55edf84a419ef8e50c9d3501991b582de09f28f313759f78dcca07f6b4f940f
SSDEEP

1572864:4WYLZcYiw2D4tnvQw0CtSKZUmp9C5H++7fy/kjo:hGcu2sBIdCYjmHXd8jo

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  Spotify_v8.9.40.509_MOD_mundoperfecto.net.apk
- Size
  
  82.0MB
- MD5
  
  4c95568afe8cabbb07513f801aebaaf9
- SHA1
  
  28af0fcad3cd5615e47967e3ae8f8a86e27d67cc
- SHA256
  
  6c883b908f790a2affd13e346282f39e4bb9d46bd3c0d85a94d8d226319ed0b3
- SHA512
  
  f0a6d7d5c832281692e970b776fab81e6983bb90e07c538f203c21e29641717bb55edf84a419ef8e50c9d3501991b582de09f28f313759f78dcca07f6b4f940f
- SSDEEP
  
  1572864:4WYLZcYiw2D4tnvQw0CtSKZUmp9C5H++7fy/kjo:hGcu2sBIdCYjmHXd8jo
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence