pegasus | ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5

Analysis

max time kernel
179s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240514-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240514-enlocale:en-usos:android-11-x64system
submitted
28-05-2024 07:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c3ad8fec33465fed6563bbfabb5b13d_JaffaCakes118.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery infostealer trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
infostealer trojan pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Checks if the internet connection is available
PID:4682

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
1f624ca84a492ed52fe846807393d071

SHA1
e64f74609782ec99678cfbcaab3dc0ef33f2fe1a

SHA256
797ce7c1d6efd5f624ffd4d290370bc8ffcb869d25e54c2a28a435ed31a0196e

SHA512
28c8bdb005c090bc700403bb909d10a1e7e60b4bfa8414806a4458d859992e5a267c4e5c487ced98a914ed0f76c1719af52e841cf91faaa592366a8152f7be22

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
2b7134c97eddd4d971c996083f92f418

SHA1
873ee9cdb475df1e2a6071646fc73886d6f58037

SHA256
afab6fc823476c4028d14e1b9c2b18b63117b5b03bb14dd2ce19d37a6a241896

SHA512
3ac19bc11c6c2827a006941c8a419357284a3ce3c18c17404dff3766e876fc10a2589188613ed9a1e75a559d1917f810cbf71a02a3f4e44692b2a0371599b60f

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
9617f08fbb3b1436dafca4151169c9f4

SHA1
4d4aedf20d1eeb14c8b42bb0174e235981c7e1a4

SHA256
8700d63bcd2649600019c533ea0ced28f9423906164a53d6c096f91965a07669

SHA512
5cc3413aae211936158f93fca289ec823c72bcfc31b26126cd57c2df5cfb85db022dfb3dccc402d8c3333b2bbf21c94120828dd83eecb391c736a4dae16ec8b4

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
d1a5a2ac3239ed8506e188808f735567

SHA1
3983064e820bc8341c9779b35f41254a4556392c

SHA256
b311e399f6b29bf1c182ace911539bcdd32df643f369f0d3ce626c2f7b90e4ec

SHA512
e96bda5dfceb4eb2a284a8c025d7cebcf6e059a99f0c5c247a6aa06a0703b6209fab42e76786e15f85bfc6e428b16ff5fd80827bbb8841c2852ab3a85c0dde02

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
f64a816e653835b07054fb6ff9c91524

SHA1
8a78b568a09bfa940d8d4c1d889c92dd962047ac

SHA256
f942e329bb4d8e844e2ee2cee3fa71212fbf26c1016a5dec8eaf529716d0479a

SHA512
32195c3faf677215d7e9a9c1809585c93b981edea59c111d41110df1a10913edce7b11d2ca12c83b01cc0fd57ce4667ad9f101fbff4273de4a020919e718dd10

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
8cf1c1b46a32821d426b445b65de4460

SHA1
d25136d2b7b2776e31b02b3651596cec535f2fb9

SHA256
e354198a06bdccfc8523009c54a4997ce54a5139708b9ab4af9c1f491bd2b7c1

SHA512
e9f5d21f93f00f2e63500c5db33c0bc41233079c73f737f906b1f7bc5a2aaf6b6265ece4bac8fc4adc6b837bbab56bab3573ff1a8c09f13945adf46be2d7e7b8

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
7955b7445bd397ab7e2ea84497f2248a

SHA1
19fd72e7e2fc0ae58530451c90cf60ccd6a804d1

SHA256
781a915c10e63d4f39f3a9cd8a1fad83c143ac72f607f29edbb43691e2df6257

SHA512
a2b691384cc1ab69f9ec05ca430ca231e81cd0d90ba8a46847a2c7aaec27ecdc1f8039a8e872f4f496078867218be72c395b0896c0fbd81cb6d2310293f6fa5d

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
1e7a01082fcadcf559fa90cb979dd854

SHA1
458385bf4242c8267bfb5e1627ec3191941391aa

SHA256
e178b6ab9548bc19e1764456c06ff77dc9ba33d0aaeedbf4df84a22f9a3d37a9

SHA512
57df84cf0857317e7ae1d37670784ffaeb5579dd15520ea0af0dca24d4cdaa9f6d44234f698a2268eef6c767dbefd5ec9ef37a4e68ca15f2ce1b77c53a525b44

Download Submit
/data/user/0/com.network.android/pex.dat

Filesize
12KB

MD5
138d764910cb46a05b83d5af830dcfd4

SHA1
583dafb10cbfa0941821d9fe721b4a28498ae656

SHA256
0aa2c4123b0ccd2e11f3ea6bf425488da6b7db400745fb43e8563aa1d5f95731

SHA512
874b0c9745cb1446ae6e826e7888b08e1e7127b790bf3842093d16499175922a6305c7244c9b42a854cd7685bbe18d879cb057d59ed45bd30fd9dc11748e3584

Download Submit
/data/user/0/com.network.android/srcsu.dat

Filesize
8KB

MD5
f091e95aa696a326b4b948869fd3df78

SHA1
3e2b4a81bac630973a990ed1e9e0a973158a818a

SHA256
5f1c4d94b3c91704c3955b8954ce543eecb292da4a58b7c61e7592adcffa0f33

SHA512
0b5ed603ca79db5a98e2b4e24d98eecedc7bcdc660efb37241f9c3e40a68e9fab5caac53a1a4e3fb6cfd99ac40c0ab8acf63d4e5ff96c7ab03aebec4f87b35f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads