General

  • Target

    VirusShare_7f6337b64688c26824b16bb550e29f9f

  • Size

    416KB

  • Sample

    240610-mc8xvagd39

  • MD5

    7f6337b64688c26824b16bb550e29f9f

  • SHA1

    276b68a397651acc50a7e76358e0460207207084

  • SHA256

    66a7dd625d730498bc8c4cfbceadce3a5363a39fc3b8eb5b891de96a256cb0fa

  • SHA512

    37ca7e83281775d3e8884496581d5ef0d4138a64e51f47423e27edab113a372fb671e35add28b1d116ade6a40415353bc955555044c0dbaac90db9cd6fe787e6

  • SSDEEP

    12288:JEgeUYobybnVccHizIlFguW1bNCmJjQrJ0Z1WQId:JlbYC2nVxCMK1LFsJcWQId

Targets

    • Target

      VirusShare_7f6337b64688c26824b16bb550e29f9f

    • Removes its main activity from the application launcher

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
