535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda | Triage

Sharing

General

Target

535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda.bin
Size

313KB
Sample

240616-29sz8axbrm
MD5

2f8aa941c9b87fc6ca21ad079e53dcf6
SHA1

b6b3c6e5b050ffd99fecb19646644e6a65e8ad00
SHA256

535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda
SHA512

ee18b3e374bdf3a264bb118cdf68e0a2fd95da2d590203ba3800b6834a98915519a0b1e725a88be75bf51b0bc5db7e0be461879e72854b05627b2cc625235eaa
SSDEEP

6144:QFt8ILZxgdMvJ8Q50maRBJh2e0BuLlk+4C4xn/vqS:yLZiavJvanJF0BuLl1e/h

Score

7^/10

android discovery evasion

Malware Config

Targets

- Target
  
  535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda.bin
- Size
  
  313KB
- MD5
  
  2f8aa941c9b87fc6ca21ad079e53dcf6
- SHA1
  
  b6b3c6e5b050ffd99fecb19646644e6a65e8ad00
- SHA256
  
  535a8f0ca02f5b15b61fb1fc6051d0c8ae1309fbdbaa57d0b48b5d8d3190deda
- SHA512
  
  ee18b3e374bdf3a264bb118cdf68e0a2fd95da2d590203ba3800b6834a98915519a0b1e725a88be75bf51b0bc5db7e0be461879e72854b05627b2cc625235eaa
- SSDEEP
  
  6144:QFt8ILZxgdMvJ8Q50maRBJh2e0BuLlk+4C4xn/vqS:yLZiavJvanJF0BuLl1e/h
Score

7^/10

discovery evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Reads information about phone network operator.
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion

behavioral3

discoveryevasion