smsworm | c1a3932fcfab6a27b4da47f54ded6039cc1d258b32be8b3d13b94b4f8331469c | Triage

Submit
Reports

Overview

overview

Static

static

0e30948b33...f0.apk

android-9-x86

8

Sharing

General

Target

0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.zip
Size

13.5MB
Sample

240902-kbeaqswdmp
MD5

e89523b1b78b6496e7e16ced21cea221
SHA1

17ff2697daaa243b9bd648ccf93f11558e612fea
SHA256

c1a3932fcfab6a27b4da47f54ded6039cc1d258b32be8b3d13b94b4f8331469c
SHA512

9944d98072ccf31f5af93edc37a33263ea07489f0943d33fa0362db8738070994ec2ac755ce31133734a21632f878c4c5f425b2506e54a778c0b769a53956e09
SSDEEP

393216:/kl1/i7R7l06dNFCSZj7AcjhiEArG17i2gFAwUE:/sS7GPe7dUrs+NKE

Score

10^/10

smsworm android discovery evasion persistence

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.apk

Resource

android-x86-arm-20240624-en

discovery evasion persistence

android-9-x86

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0.apk
- Size
  
  16.0MB
- MD5
  
  be5e2f074432526ef36156e82bb219cf
- SHA1
  
  6cf0b782485e77218710fa024f1c11f122d84f60
- SHA256
  
  0e30948b3327a093bd7b35a10f65bc1f03a9b8d1d3e242dd6b5726e9136aaff0
- SHA512
  
  84633c70391513b388cdaf77634e0c6a60d270be121bfef6d94cbcc5f88e34a929659d13d2f05348e83f56c356be3eb9dc9fc44fbeca8cf6637cc19cba8af845
- SSDEEP
  
  393216:yf0YUtNuYwbvbaSafQ0Wejue+95sweOsjIYPaP:y9GNujbDaS4WeaeI5sqC8
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

© 2018-2024

Terms | Privacy