0f90c651161ecb4ec0c96ab1008b372e4970adaf8ce1941de84243aab1c9d3b6

Resubmissions

23-07-2024 19:42

240723-yepsjathjq 10

20-07-2024 23:18

240720-3aeh8a1hmq 10

Analysis

max time kernel
78s
max time network
83s
platform
android_x64
resource
android-x64-20240624-en
resource tags

androidarch:x64arch:x86image:android-x64-20240624-enlocale:en-usos:android-10-x64system
submitted
20-07-2024 23:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

TeleMod.27.apk
Size

4.1MB
MD5

81223bc6ee78bf9157421e28e0171d5e
SHA1

b4911bd05e27dd0ee2ea6f9b67dd39a203a06486
SHA256

0f90c651161ecb4ec0c96ab1008b372e4970adaf8ce1941de84243aab1c9d3b6
SHA512

f79c330618fc8ecc1b30a22a73db8cc9a0e73344854c0f1a087c8b9b0839797f73efe9d3546a46448387141dc1b137a212f5066d4b51267fcd14e2046396e253
SSDEEP

98304:Xk2ky2xC19NGDDomyTsY+FJJaeDXkIdV6nXrjy:XX2acXoMHHQAV6Xr+

Score

6^/10

persistence

Malware Config

Signatures

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.telemod.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.telemod.app

com.telemod.app
1⤵
- Acquires the wake lock
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4945

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.telemod.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap

Filesize
430B

MD5
fba79099e125e0545abbec360471aed8

SHA1
621b51bb162fa2e4def91f73db7e3495b23b4cae

SHA256
f74e32e26a94f913c39220ae03bb8c046a58eb9baba07342d2132e6b7f8889a2

SHA512
b7695db1541747be8f4be2dfda606162114751d71cf68c78c20d705d6a0c5d2cd2c982da2175fa90ad917bf9121ed91344c2a4fc526d48f1aca85dd8eeea2a02

Download Submit
/data/data/com.telemod.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics.tap.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/com.telemod.app/files/.Fabric/com.crashlytics.sdk.android:answers/session_analytics_to_send/sa_eb9d9a64-8876-4e0e-927b-d9b8137a8f7e_1721517526105.tap

Filesize
342B

MD5
a6d7e9835f1e578413c2ab6259503fa5

SHA1
94b6641e31e89b07be86577a9d55fcf68a315ab3

SHA256
46e133b93398f75756c0af236cc1ffdf1f44a5399a67e3b1a8e0e42bb5bdab8a

SHA512
e91820e5dbf2e8603f2d2de86b23db97cc7324ccfceb003a019ae0966aac61c4cd32c82c500ae4d54f1c0aa281ac8a2c8659d429777c3b0acf6d5cca025510bb

Download Submit