General
-
Target
Telegram.apk
-
Size
74.1MB
-
Sample
240817-rezjeasdnm
-
MD5
e9fc02e03b4c9097ba5b08dd944e2ae2
-
SHA1
74f40183aadfe357004ee228e14d8184065b563b
-
SHA256
ec35557541324afb84dc9855136d478ff02d69927ff6382acb2e111defa47603
-
SHA512
36a265c5a9c70d92e15e0e5768c2aa96e4b509ba9c4f17434cde992c46daaa2b937264ed6699d9f47c8a9a3f96919e7489bafd226dcd26d1e06f58a8b2c42b99
-
SSDEEP
1572864:W40oq0wXQw3xah7ZrYoXm3QBFh7o205QOd1b974T80kGD:WLoqtL3xaTrYyyQ+D5Qa9MD
Static task
static1
Behavioral task
behavioral1
Sample
Telegram.apk
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral2
Sample
Telegram.apk
Resource
android-x64-20240624-en
Malware Config
Targets
-
-
Target
Telegram.apk
Score
7/10
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.
-
Queries the phone number (MSISDN for GSM devices)
-
Reads the contacts stored on the device.
-
Reads the content of photos stored on the user's device.
-
Acquires the wake lock
-
Queries information about active data network
-
MITRE ATT&CK Mobile v15
Defense Evasion
Download New Code at Runtime
1
Virtualization/Sandbox Evasion
2
System Checks
2
-
Discovery
System Information Discovery
1
System Network Configuration Discovery
1
System Network Connections Discovery
1