triada | 7445259625fbd39caa72958eb6750d2b4f658b4cdac4dbef56bcfe0b05a07af7 | Triage

Sharing

General

Target

MBWhatsApp_1.4.1_by_stefanoYG.apk
Size

84.5MB
Sample

240916-2k5ygstdjp
MD5

55bdfa0ec855faa3a9fed582465c4388
SHA1

3b7fcd78cc8a1c9e06057d6534f218c320da04a2
SHA256

7445259625fbd39caa72958eb6750d2b4f658b4cdac4dbef56bcfe0b05a07af7
SHA512

d6bca86140dde35b189a62056153087927b0af6c562f9eaf334f918bc0c5030ea6924b506677829144452e0d34bc62ee26ddcf44858f1da2593a5e45e6b6ef65
SSDEEP

1572864:strEdbcmfQc20Q3ZDI24ehVGHfbq4znXc/B46PuK27NftACK:CEdomocQ3ZDI24dHfbq4znXURPuK2zg

Score

10^/10

triada android discovery evasion execution impact persistence upx

Malware Config

Targets

- Target
  
  MBWhatsApp_1.4.1_by_stefanoYG.apk
- Size
  
  84.5MB
- MD5
  
  55bdfa0ec855faa3a9fed582465c4388
- SHA1
  
  3b7fcd78cc8a1c9e06057d6534f218c320da04a2
- SHA256
  
  7445259625fbd39caa72958eb6750d2b4f658b4cdac4dbef56bcfe0b05a07af7
- SHA512
  
  d6bca86140dde35b189a62056153087927b0af6c562f9eaf334f918bc0c5030ea6924b506677829144452e0d34bc62ee26ddcf44858f1da2593a5e45e6b6ef65
- SSDEEP
  
  1572864:strEdbcmfQc20Q3ZDI24ehVGHfbq4znXc/B46PuK27NftACK:CEdomocQ3ZDI24dHfbq4znXURPuK2zg
Score

7^/10

discovery execution impact persistence evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Legitimate hosting services abused for malware hosting/C2
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryexecutionimpactpersistence

behavioral2

discoveryevasionexecutionimpactpersistence