General

  • Target

    VirusShare_5fbc0750fb4c71f0d7dbfb7e9c9d8191

  • Size

    409KB

  • Sample

    240610-mc8l3sgd38

  • MD5

    5fbc0750fb4c71f0d7dbfb7e9c9d8191

  • SHA1

    26be3faa7f1324d305de3c997125c8c4ffbfeacf

  • SHA256

    8de64d3a29016604f445ec07150749cfd30c373041e164e770ea4a698a040362

  • SHA512

    73b6a663329c4e45c14031d739e6a95a46b6122bb024975d752dd1665ca951e2a8d93222beb969a374b62afbb13c9993abc957cd80085746c03880680724fb9d

  • SSDEEP

    12288:sEgeUVoVybMVccyiz5lFguWu2NPmathcfeEa:slbVs2MVxhFKuHatqfeV

Targets

    • Removes its main activity from the application launcher

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
