Resubmissions

30-05-2024 12:02

240530-n7lw8sge3v 7

30-05-2024 11:36

240530-nqxmeafh4y 7

General

  • Target

    Telegram.apk

  • Size

    65.3MB

  • Sample

    240530-n7lw8sge3v

  • MD5

    7d590e014f944b9b03e41e1d3905f86b

  • SHA1

    b43f8f975df885541f5ea5d853c1e5af24c8fcb0

  • SHA256

    00d0c5d7fed4db9273f2e63d5ebdedba8fac6451a6a3c622b1003d496f837e4f

  • SHA512

    64ef1c275a2262a7edad7f7a401662bc1d298f21385c4d46bf3d5f941ee44087a79714ac36aa53d14a66e7b972beae5d97bfb7c60f22045e188cd881a284ac2a

  • SSDEEP

    1572864:Ta3WArmaqDrLaB/DVeg4KasCKPJlwGZiUVzI7h:Ta3WIqDrC/aKj32GZiazI7h

Targets

    • Target

      Telegram.apk

    • Checks CPU information

      Checks CPU information that indicates whether the system is an emulator.

    • Checks known QEMU pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Reads the content of photos stored on the user's device.

    • Acquires the wake lock

    • Checks if the internet connection is available
