0c804093ff6314d95a700d49efe150caf2f49cce626f934a825e31eb13916a9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Spotify v8.9.18.512 [xManager] (Merged).apk
Size

78.9MB
Sample

240805-wbfpcaxbmd
MD5

85b5566c8b4702cee5cc115db09e9b3b
SHA1

d1c003dc3aee56359e53331119dc3c63203729ed
SHA256

0c804093ff6314d95a700d49efe150caf2f49cce626f934a825e31eb13916a9d
SHA512

a984ad03398a906bf0b38ef6ea1e5e81acabbbe453caf879e1aa3c552e51fe86d663947962deceab09c0a47573b59db0b2b945cb391c8079bca4e8c0d9f75b5c
SSDEEP

1572864:JWYLZcYijt/KZUVNOrOFIFH2b2DlCtG32nfVNFRGnd:0Gc9tjVNYkr2RCEGf7FQd

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  Spotify v8.9.18.512 [xManager] (Merged).apk
- Size
  
  78.9MB
- MD5
  
  85b5566c8b4702cee5cc115db09e9b3b
- SHA1
  
  d1c003dc3aee56359e53331119dc3c63203729ed
- SHA256
  
  0c804093ff6314d95a700d49efe150caf2f49cce626f934a825e31eb13916a9d
- SHA512
  
  a984ad03398a906bf0b38ef6ea1e5e81acabbbe453caf879e1aa3c552e51fe86d663947962deceab09c0a47573b59db0b2b945cb391c8079bca4e8c0d9f75b5c
- SSDEEP
  
  1572864:JWYLZcYijt/KZUVNOrOFIFH2b2DlCtG32nfVNFRGnd:0Gc9tjVNYkr2RCEGf7FQd
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence