d69eb52d45ad030ac5b937188232e0362782ab6916c496f6f790b902be6aff61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Spotifyv8.9.68.456Premium.apk
Size

76.1MB
Sample

240911-n5yg9azcjf
MD5

a0992be1b4b9cae3a364e44811fe92d8
SHA1

b0071beff6bb3d278d039f744554ecb52cd92847
SHA256

d69eb52d45ad030ac5b937188232e0362782ab6916c496f6f790b902be6aff61
SHA512

637255e96d42bfcd9e6eddb5d764c25391e5b4773a85950e58c363741e662441346793c8bf2f5cd8ecd54676bcb0b2a0b5796f3308cfa6cf96d2c1e7418bf981
SSDEEP

1572864:8mjGTbOL5hX+KqupgGZYB5T94FFJdVczXDjU:7kiL5ltlpLZYCBdVaXDjU

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  Spotifyv8.9.68.456Premium.apk
- Size
  
  76.1MB
- MD5
  
  a0992be1b4b9cae3a364e44811fe92d8
- SHA1
  
  b0071beff6bb3d278d039f744554ecb52cd92847
- SHA256
  
  d69eb52d45ad030ac5b937188232e0362782ab6916c496f6f790b902be6aff61
- SHA512
  
  637255e96d42bfcd9e6eddb5d764c25391e5b4773a85950e58c363741e662441346793c8bf2f5cd8ecd54676bcb0b2a0b5796f3308cfa6cf96d2c1e7418bf981
- SSDEEP
  
  1572864:8mjGTbOL5hX+KqupgGZYB5T94FFJdVczXDjU:7kiL5ltlpLZYCBdVaXDjU
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence