dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387 | Triage

Sharing

General

Target

dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387
Size

1.6MB
Sample

240524-psby6acc3w
MD5

b92d6293a171226e6b932c71a1dddbbf
SHA1

79664108e90d144fa109143f91a5e297ba20da80
SHA256

dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387
SHA512

3965314e69d4c52758b76fbe605bc1be6cc70b191fdb50be0c6d55f3fe1fbfb6af603cc3fc72fdeb53e8d686e186d0d6574e3b44961b8217f8bb1d8f30b095a4
SSDEEP

24576:32PiBPX83UMau1jKjbjEgyI/zV0C3FyqoEhpMjQ4OFXiWV7ALtmX9bFd:3LX8+uYjbjLyY1miLCLtmBr

Score

7^/10

android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387
- Size
  
  1.6MB
- MD5
  
  b92d6293a171226e6b932c71a1dddbbf
- SHA1
  
  79664108e90d144fa109143f91a5e297ba20da80
- SHA256
  
  dabd27db7125df7add24fa016a826e9683d9680cbe24d63d38f77ad099057387
- SHA512
  
  3965314e69d4c52758b76fbe605bc1be6cc70b191fdb50be0c6d55f3fe1fbfb6af603cc3fc72fdeb53e8d686e186d0d6574e3b44961b8217f8bb1d8f30b095a4
- SSDEEP
  
  24576:32PiBPX83UMau1jKjbjEgyI/zV0C3FyqoEhpMjQ4OFXiWV7ALtmX9bFd:3LX8+uYjbjLyY1miLCLtmBr
Score

7^/10

discovery evasion persistence collection credential_access impact
- Checks memory information
  Checks memory information which indicate if the system is an emulator.
  evasion discovery
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Registers a broadcast receiver at runtime (usually for listening for system events)
  persistence
- Acquires the wake lock
- Checks if the internet connection is available
  discovery
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessdiscoveryevasionimpact