smsagent | fbd62f0273f0f4f7f9937bdc8a2d9d3cb0ce0687ede74a4a8c34e9c601688db1 | Triage

Sharing

General

Target

fbd62f0273f0f4f7f9937bdc8a2d9d3cb0ce0687ede74a4a8c34e9c601688db1
Size

8.5MB
Sample

240713-b81esszhlm
MD5

3fb2c2368484295cc33db07dda7be124
SHA1

23eb40d927ed79e225e78354c4af7d47f0f93e82
SHA256

fbd62f0273f0f4f7f9937bdc8a2d9d3cb0ce0687ede74a4a8c34e9c601688db1
SHA512

66a3def5c70398bbef54db97f6a8f567e8fdef1a9dc76c2f7a73656e8cae709b7fd05588f67a1b983c59e04ebf527f0faa99de9fb8cccf20b9bc2dfabb89f1dd
SSDEEP

98304:CcGgiTW5I9PDSn7wyngcfjDZLjBRTso56FSm8mvaThSDlD:Cc3+W5I9bccMg+ZHTso5038mvaTh8D

Score

10^/10

smsagent android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  fbd62f0273f0f4f7f9937bdc8a2d9d3cb0ce0687ede74a4a8c34e9c601688db1
- Size
  
  8.5MB
- MD5
  
  3fb2c2368484295cc33db07dda7be124
- SHA1
  
  23eb40d927ed79e225e78354c4af7d47f0f93e82
- SHA256
  
  fbd62f0273f0f4f7f9937bdc8a2d9d3cb0ce0687ede74a4a8c34e9c601688db1
- SHA512
  
  66a3def5c70398bbef54db97f6a8f567e8fdef1a9dc76c2f7a73656e8cae709b7fd05588f67a1b983c59e04ebf527f0faa99de9fb8cccf20b9bc2dfabb89f1dd
- SSDEEP
  
  98304:CcGgiTW5I9PDSn7wyngcfjDZLjBRTso56FSm8mvaThSDlD:Cc3+W5I9bccMg+ZHTso5038mvaTh8D
Score

8^/10

evasion impact persistence collection credential_access discovery
- Checks if the Android device is rooted.
  evasion
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

evasionimpactpersistence

behavioral2

collectioncredential_accessdiscoveryevasionimpactpersistence

behavioral3

collectioncredential_accessevasionimpact