c41be8038abe5e8f3286ba363fce00c5871cc293dc70f88cdb1fb96936367fce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Discord-v126.20-MOD-GMA-(Getmodsapk.com).apk
Size

101.6MB
Sample

240707-1d62jaydmj
MD5

c480ba9228fddd537898afb7c92e5dbb
SHA1

2366a06f46f7e92eb271fe7308395775ca1eec5c
SHA256

c41be8038abe5e8f3286ba363fce00c5871cc293dc70f88cdb1fb96936367fce
SHA512

b6f52572266ffce365cd63c13ddbb5e7f6c1900f0bb8da386e84229773dc048d6013c98668b6528eddf0bad6e2ce79c7b8a567d2b4ded4a0141c77f92cb44ab1
SSDEEP

1572864:PQDCCkCFp5KcG4Z1SFgT63VEpA5X6tTq7U1Jhg72NnQmc99ytj3F:PACCkCFpONp3SpCUTq7qrNQmc99GjV

Score

8^/10

android discovery evasion

Malware Config

Targets

- Target
  
  Discord-v126.20-MOD-GMA-(Getmodsapk.com).apk
- Size
  
  101.6MB
- MD5
  
  c480ba9228fddd537898afb7c92e5dbb
- SHA1
  
  2366a06f46f7e92eb271fe7308395775ca1eec5c
- SHA256
  
  c41be8038abe5e8f3286ba363fce00c5871cc293dc70f88cdb1fb96936367fce
- SHA512
  
  b6f52572266ffce365cd63c13ddbb5e7f6c1900f0bb8da386e84229773dc048d6013c98668b6528eddf0bad6e2ce79c7b8a567d2b4ded4a0141c77f92cb44ab1
- SSDEEP
  
  1572864:PQDCCkCFp5KcG4Z1SFgT63VEpA5X6tTq7U1Jhg72NnQmc99ytj3F:PACCkCFpONp3SpCUTq7qrNQmc99GjV
Score

8^/10

discovery evasion
- Checks if the Android device is rooted.
  evasion
- Acquires the wake lock
- Legitimate hosting services abused for malware hosting/C2
- Queries information about active data network
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion