f3ff6729da7a43cf73ca02233a77ec6514138482e99d0d9d02b9156126ff96bd

Sharing

Copy URL

Twitter E-mail

General

Target

Spotify 8.9.62.566.apk+
Size

74.1MB
Sample

240802-tq8bss1bnl
MD5

1cfb5aa3520a115497cc55cf63732327
SHA1

db4b9cb295e5cc331b1babd186c09da7a088ef5c
SHA256

f3ff6729da7a43cf73ca02233a77ec6514138482e99d0d9d02b9156126ff96bd
SHA512

464f57004bb730aee7fee0f394beab8196182ecbb7aa11840f4bf017b23e44e50c751cf4c0dbd01792d3526cd13a757d05ee566383c6e148f3e05a9a672b09c6
SSDEEP

786432:jnoFel1FxyqlqxklpzNI7rOmOabxtRb8S8+qGyA5ElAop:sel1FxyqPNIPOmOabx/AS8+qwEie

Score

8^/10

Malware Config

Targets

- Target
  
  apk+.json
- Size
  
  131B
- MD5
  
  cbdf63675a38bf47f0e8de0cde6355d4
- SHA1
  
  0352e8037322d07e3fd425f8715f19db2f3b5671
- SHA256
  
  eaf6048629da1796d75d611ee7e8d06ae453f6642a1a6ce31065e6496f7d13e6
- SHA512
  
  7a949acab7bb89cb9870ca924d4f5b77a77f877c528c63753a92bf0d0965b73ffa66352b3e0467b651c689b6723f2c2a929fe5add2f4fc1568c53257b595d23c
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  base.apk
- Size
  
  64.2MB
- MD5
  
  f716b23e079c8298c8abbccc386afbb3
- SHA1
  
  82485a2fcda0cb6c635ecf1116745471f6c76329
- SHA256
  
  e9aec33e6cc4a372d41e7f6c999e992e1651b2d58aee0876c2176cee90da29fc
- SHA512
  
  edb081e6adb2346a95dbed5838a7e6d6170bb5874d6c2c842d17da6b4e8239a4fa75a81e0604e9d6330bdebcf5c48bb9d38ce3f36c05ef77430ca455168b0efa
- SSDEEP
  
  786432:adcTepT3xyunqRCnJpBMvfYmOa5bnTPGWf:BepT3xyufBMXYmOa5bTuWf
Score

8^/10

discovery evasion persistence execution
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral3 behavioral4 behavioral5
- Target
  
  icon.png
- Size
  
  7KB
- MD5
  
  29e23400d01996267813dfe55f5ee11d
- SHA1
  
  d315ea8aa70e7b468e42c5d10f737c7257ca8dd2
- SHA256
  
  05a2c7054a3300701713924c6704b6073588c0a3357b5d6503d8f3fc676b6abb
- SHA512
  
  97774ca3b338226e5ab2e6cf27ff9dd4f9a11b6ea8e07160d6c901d57ee1ed86fa4689e09769aff0ae78b430fef85f9097652d336002dfc6f2ddb7a47d9eaa16
- SSDEEP
  
  192:gFI78fUSCPqf/DKsGeO/3VM5SZq8294kG3zFORpj84cEWO:k4q3DKsReMJ99mGpRGO
Score

3^/10
behavioral6 behavioral7
- Target
  
  split_config.arm64_v8a.apk
- Size
  
  8.8MB
- MD5
  
  106b2a30962ab452040ce24715e80d6e
- SHA1
  
  7b8b1c2b2a62821679afba810423fd06837a3663
- SHA256
  
  cab07e503e9bfe7e56b6b9c6edb16b27322080a845a8ab6c64cd6f17f41693dc
- SHA512
  
  d8fab0fcb0614368760cd3e5a6933f4f12b9e4c5aed08c9fbdc52ced3b9190d3dd3daab97d7017c785d9f39000e75226368551d481b61b22da7f6212817f42b4
- SSDEEP
  
  196608:sn8VGWVt05ZEr2qyUCjwGSSO92eyZ0MKF/kXPRYQHEgfGxrXj3:s8Yh+CjPSSO9vyZ0vSTzWj
Score

1^/10
behavioral8 behavioral9
- Target
  
  split_config.en.apk
- Size
  
  520KB
- MD5
  
  95a6be499fbf58b2a38356b6706bb576
- SHA1
  
  7f8dd6d97be3a0d8f716aaa0ee6c6c9399454211
- SHA256
  
  19ab41ce1d6df140b0161b5ad9bb624a22136839bb08a25297f0cea2b9e54b3a
- SHA512
  
  b92f3db123b7ba5aa42bdf706ca6644ede7da99f2f2e5a64ba1ec1e0b5745f914467936491205375314deefa3eecd5f689b62d89a87cf843400055f4eac97b7d
- SSDEEP
  
  12288:3NoyzavLm4o8A/pmLfZj+hGKJzRuGm8WqtcE0sie5Q+mQ+tR:3tzafCkQM
Score

1^/10
behavioral10 behavioral11
- Target
  
  split_config.xxhdpi.apk
- Size
  
  573KB
- MD5
  
  e98f362832ae3588f16d8faff39a153e
- SHA1
  
  25a272ef9e7886caace7cda86b4af0f84630a176
- SHA256
  
  4cf1dfc2db299ff2c10c7637b4f4e5c20f8be630beb2603f141c82354a68bec6
- SHA512
  
  9293c93f9752222d0f0cdde7de57a6b47a2fca7f0c8c7b00ccdf49e2f4b18968a58a2cc884b3ab2582361a2eb5fe808f3e3d0e03b169a7db32cac0a4d1844e90
- SSDEEP
  
  12288:MuDXUVrTNcQPRqwoKDU/DQmQF7MAzb7hJ:MJTNvPUwoYUcpXT
Score

1^/10
behavioral12 behavioral13

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

T1603

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Scheduled Task/Job

T1603

Privilege Escalation

Defense Evasion

Download New Code at Runtime

T1407

Hide Artifacts

T1628

User Evasion

T1628.002

Credential Access

Discovery

Process Discovery

T1424

System Information Discovery

T1426

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks if the Android device is rooted.

Loads dropped Dex/Jar

Queries information about running processes on the device

Acquires the wake lock

Queries information about active data network

Checks the presence of a debugger

Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Enterprise v15

MITRE ATT&CK Mobile v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13