4e918bb6cc9175f5b9c134f6873c9d9328f39ac5d53e9b2580adf82bb582715e | Triage

Sharing

General

Target

VirusShare_71c07c7004138d82f4007f9b4c222c0a
Size

36KB
Sample

240608-1krkeshe28
MD5

71c07c7004138d82f4007f9b4c222c0a
SHA1

bc592128514d903d88272f54cdea3b6aa6d9c6a5
SHA256

4e918bb6cc9175f5b9c134f6873c9d9328f39ac5d53e9b2580adf82bb582715e
SHA512

4a63b212e27ba870da2d10fea4769d51e3cfedf66ad5de380388347ada85bd28af16b1afe3b5134abdebebca924ce745683c4d97f8a89580dceca6893cdab0b5
SSDEEP

768:VofaYulSKRhF/XpuWPn0wTts+U4VRqnIdvcEgbLBDd:Sf2SKRjXpjn1Q4jqnYu9h

Score

7^/10

android collection credential_access discovery evasion impact persistence privilege_escalation

Malware Config

Targets

- Target
  
  VirusShare_71c07c7004138d82f4007f9b4c222c0a
- Size
  
  36KB
- MD5
  
  71c07c7004138d82f4007f9b4c222c0a
- SHA1
  
  bc592128514d903d88272f54cdea3b6aa6d9c6a5
- SHA256
  
  4e918bb6cc9175f5b9c134f6873c9d9328f39ac5d53e9b2580adf82bb582715e
- SHA512
  
  4a63b212e27ba870da2d10fea4769d51e3cfedf66ad5de380388347ada85bd28af16b1afe3b5134abdebebca924ce745683c4d97f8a89580dceca6893cdab0b5
- SSDEEP
  
  768:VofaYulSKRhF/XpuWPn0wTts+U4VRqnIdvcEgbLBDd:Sf2SKRjXpjn1Q4jqnYu9h
Score

7^/10

collection discovery evasion impact persistence privilege_escalation credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Reads the content of the call log.
  collection
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries the mobile country code (MCC)
  discovery
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
- Tries to add a device administrator.
  privilege_escalation impact
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Foreground Persistence

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Protected User Data

Call Log

Command and Control

Exfiltration

Impact

Account Access Removal

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

collectiondiscoveryevasionimpactpersistenceprivilege_escalation

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessevasionimpactpersistenceprivilege_escalation