166babc081748210fceddee17e93151d61b548fb11d72e828df200f4dd800342 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AspenTech Events_1.50700.16_APKPure.apk
Size

41.9MB
Sample

240707-yqyvksxdrp
MD5

e5f476bf4b800e1c766bc4d40597d301
SHA1

000bb42e013df8cbd37dce2bf10daca37526e4bb
SHA256

166babc081748210fceddee17e93151d61b548fb11d72e828df200f4dd800342
SHA512

7532588b2b61ff9352a39ecb62a2214177c6454fae902375cb5b609aecbeddb797c0fdc61d025c5be414a49abfc03f4091d88471b0f5e33f660c2026bcc86574
SSDEEP

786432:1Ds+TNkr3mtmnTsX51cx2YcXBaU7xnRbRYeE1kV3SYtPBtaBE19:1dmr3m+T0ifcX77xnP413APBh19

Score

8^/10

android discovery evasion execution persistence

Malware Config

Targets

- Target
  
  AspenTech Events_1.50700.16_APKPure.apk
- Size
  
  41.9MB
- MD5
  
  e5f476bf4b800e1c766bc4d40597d301
- SHA1
  
  000bb42e013df8cbd37dce2bf10daca37526e4bb
- SHA256
  
  166babc081748210fceddee17e93151d61b548fb11d72e828df200f4dd800342
- SHA512
  
  7532588b2b61ff9352a39ecb62a2214177c6454fae902375cb5b609aecbeddb797c0fdc61d025c5be414a49abfc03f4091d88471b0f5e33f660c2026bcc86574
- SSDEEP
  
  786432:1Ds+TNkr3mtmnTsX51cx2YcXBaU7xnRbRYeE1kV3SYtPBtaBE19:1dmr3m+T0ifcX77xnP413APBh19
Score

8^/10

discovery evasion execution persistence
- Checks if the Android device is rooted.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionexecutionpersistence