General

  • Target

    VirusShare_9acdd81b4d0c696ff086043f9c631b9f

  • Size

    186KB

  • Sample

    240610-mdgjzsgd45

  • MD5

    9acdd81b4d0c696ff086043f9c631b9f

  • SHA1

    e5177388576ae30135e1cc59fd69f5517436a786

  • SHA256

    1a459537a59287e3a6df7be570fad42cc65dd9ab329129413c52d36f1fad4070

  • SHA512

    e479a4aa9196a13cfc7753b7022630427bac2bd8755792a20012932941774fa20428cc9e48773f388f9bda6d704b2b746e5a73f35267384926a9566d5c9a09b6

  • SSDEEP

    3072:WB/XscIe3QLUdRHaZ+b2p3q7Yc1stdOGQRX9SW21JtmwUdsdriJ4rRXEEvqcSo5U:WBHKUdR6ZL3q/6oGQRcrgVderLuEvNT4

Targets

    • Removes its main activity from the application launcher

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.
