General

  • Target

    v-sat_v2.9.0.apk

  • Size

    30.3MB

  • Sample

    240726-saffeavbmn

  • MD5

    257028d0b3b3b8f7121e7b4b651d216a

  • SHA1

    7ca5fb35f3131d0aafb04509ca5d31792354b25a

  • SHA256

    d9be128fb6d68e0b48c99e9534799461be1a8865b75b05bdb4e4ab4c76694580

  • SHA512

    766d3fe5b7e3374a19c8da91d64904507832fa2c2f9c6c4d6b131ef6fb12a61f70a4fc01fdd9d373754d686ce78b1e1769dd2d5e76efccef4be6831dd17deafe

  • SSDEEP

    786432:7Jqj4LVVa0YeNodMdVcvmOFzGUsvsPYm/3AIqFfs3lUatqV3Ohc:7JrLVVa0YP28vmO5GRvsAmXF3lUatS+e

Targets

    • Target

      v-sat_v2.9.0.apk

    • Android SMSWorm payload

    • SMSWorm

      SMSWorm is Android malware, first seen in May 2021, that can spread itself to a victim's contact list via SMS.

    • Checks if the Android device is rooted.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Queries information about the active data network

    • Checks the presence of a debugger
