General

  • Target

    VirusShare_3f5d3ca59c093a432e81618b91bb3fcb

  • Size

    212KB

  • Sample

    240610-mc8bbagd37

  • MD5

    3f5d3ca59c093a432e81618b91bb3fcb

  • SHA1

    9aa851f8c8e258f32f42453fc068f364a8b8a349

  • SHA256

    fb9fdbefbf65d348ea07bd9bb153b73b6280b55c4c0bda9be2d7f4e9f93b3b68

  • SHA512

    bda46d0d0bfa134d55e35c25c01a7284a4a00f44ea5476ceb9f0fc2f73a15e17268475d1a027a22aa55fad8a5653e0d463969c3579da7f06abdf5dd944f03375

  • SSDEEP

    3072:wu3Xd6c4Qmj7xv+UWbYFmN2yacC2l7n65X9SJhfAK+VpgzlmuUVbDsdW2MyiJ4rh:wud6MUWbYfcFle5cvfkpgz1UVDenPLXR

Targets

    • Target

      VirusShare_3f5d3ca59c093a432e81618b91bb3fcb

    • Removes its main activity from the application launcher

    • Queries the phone number (MSISDN for GSM devices)

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
