351b61fd8de90b826dbcc212d30e9c67ac2cad9bb362b8a2de9c0c9b7140913a | Triage

Resubmissions

13/08/2024, 23:00

240813-2zdgsa1ale 8

13/08/2024, 22:58

240813-2x4k7a1aje 8

Sharing

Copy URL Twitter E-mail

General

Target

LetsVPN_2.23.0_APKPure.apk
Size

26.4MB
Sample

240813-2x4k7a1aje
MD5

793ae8778537f96c47d36541c4fc6e4a
SHA1

53a15a60637356412761366576e1e9b447517452
SHA256

351b61fd8de90b826dbcc212d30e9c67ac2cad9bb362b8a2de9c0c9b7140913a
SHA512

f7e7cbd21092219d2207a7ff0500f6410ff305a0b11568491c6b9201be5bc113899ffe0908132addb9df8945bb152864392fa4a2045caf98a2375b4f09ce98c6
SSDEEP

786432:9eI+5BJqRhjGrAap79PWLge4fn1vb8jiwL2mnSusu:9eI4BJIhjGUaRege4f1vb8jiKlSm

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  LetsVPN_2.23.0_APKPure.apk
- Size
  
  26.4MB
- MD5
  
  793ae8778537f96c47d36541c4fc6e4a
- SHA1
  
  53a15a60637356412761366576e1e9b447517452
- SHA256
  
  351b61fd8de90b826dbcc212d30e9c67ac2cad9bb362b8a2de9c0c9b7140913a
- SHA512
  
  f7e7cbd21092219d2207a7ff0500f6410ff305a0b11568491c6b9201be5bc113899ffe0908132addb9df8945bb152864392fa4a2045caf98a2375b4f09ce98c6
- SSDEEP
  
  786432:9eI+5BJqRhjGrAap79PWLge4fn1vb8jiwL2mnSusu:9eI4BJIhjGUaRege4f1vb8jiKlSm
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence