bazarloader | 3536b711dfea2d1500ffddcb26d38544face161e623c09f50d58d6ad6e985093 | Triage

Sharing

General

Target

3536b711dfea2d1500ffddcb26d38544face161e623c09f50d58d6ad6e985093
Size

11.6MB
Sample

240911-m9189swhqj
MD5

d9b4b799efd041e06b1f845956363f12
SHA1

82150261b44cca1600086bd70f04bffbd6732beb
SHA256

3536b711dfea2d1500ffddcb26d38544face161e623c09f50d58d6ad6e985093
SHA512

186ef8ffb3513ad83fce78fa5f19c4838f18423ec0f78d8d0339e67c7332e83815db28f7b7fb800ebc7ef341da7456c557c2ae829d2951f0798a4edf7492c105
SSDEEP

196608:JDtDvvSzkP/8NsB/OAOonMuLWPm3NGUSDxyKmQR/nS+Sxk1nCJ5Q/+bVSy1FcJ:dtDvl/KshOAO30S+NGUcoQJVg5Q+bVSb

Score

10^/10

bazarloader android banker collection discovery persistence

Malware Config

Targets

- Target
  
  3536b711dfea2d1500ffddcb26d38544face161e623c09f50d58d6ad6e985093
- Size
  
  11.6MB
- MD5
  
  d9b4b799efd041e06b1f845956363f12
- SHA1
  
  82150261b44cca1600086bd70f04bffbd6732beb
- SHA256
  
  3536b711dfea2d1500ffddcb26d38544face161e623c09f50d58d6ad6e985093
- SHA512
  
  186ef8ffb3513ad83fce78fa5f19c4838f18423ec0f78d8d0339e67c7332e83815db28f7b7fb800ebc7ef341da7456c557c2ae829d2951f0798a4edf7492c105
- SSDEEP
  
  196608:JDtDvvSzkP/8NsB/OAOonMuLWPm3NGUSDxyKmQR/nS+Sxk1nCJ5Q/+bVSy1FcJ:dtDvl/KshOAO30S+NGUcoQJVg5Q+bVSb
Score

7^/10

banker collection discovery persistence
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Reads the content of photos stored on the user's device.
  collection
- Queries information about active data network
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Connections Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankercollectiondiscoverypersistence

behavioral2