General

  • Target

    VirusShare_168803aafcf8333fb33d51a7b811ba59

  • Size

    173KB

  • Sample

    240610-mc4ccsgd34

  • MD5

    168803aafcf8333fb33d51a7b811ba59

  • SHA1

    0c86baef9c77de5620116e27cd17a0013b3023eb

  • SHA256

    64b73201e87e106e06748e8bbb3842e832e22da9b8cc1d542ce423942d1097fa

  • SHA512

    a9813b5a78fe256ee72ee1509522989a2278c0c7362671eff9bd673eb39175c9c2370907cb4da91886a3c54cd9ca9a29ac2b4997f2886ebe6673c68ae1ecfbc3

  • SSDEEP

    3072:TpHdKFaN0oMwZoAHTShoSqhbp8rVYhO+Cc9YNN5EztO+iJ4rRXcX9SiXzKkEkM8N:Tp0FaRHTSWdNp8ri4cONN5mFLaciX4/O

Targets

    • Removes its main activity from the application launcher

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
