pegasus | ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5

Analysis

max time kernel
125s
max time network
133s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
19/09/2024, 15:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery infostealer trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
infostealer trojan pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Queries information about active data network
PID:4516

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
47cea209518b7a28fea4794438f99059

SHA1
97fccd6b0e1e87c367b823fe37d7ad6e8ac1f3eb

SHA256
308cc0af73483e2593f178eecd5583199c6fd5e4000b09414520a2e85249b352

SHA512
729ace42d90d67c900fd6fc3e5d8c68505ac7eb3347e7aca712909c5af5a14d50620c7e40db7a4efa40918afe59d7ee788c92bbc4ceb5baca9c0a1ae35e85663

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
bc5c73bfbcb9654c60ab7095bdb84de8

SHA1
a14e362a3182d46a6aeadfae4f3d75802318955d

SHA256
6fd991c89ffa302d2a75e6f4665f05f94a68dcb338cffde9ef737d22ec6f2122

SHA512
7bcee1e434c1a52c5557d314866d3d1b913d81fea37710308538d6a8ee4edb94a5a095968dfe7afa2791094deec3c678541b428bdfc854d50df4d72f1e805bc7

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
88f567aa68a023ec1d0299988e53eb78

SHA1
c31449aa00419bc6f3656f699bc29294a26c9c11

SHA256
a3142e41dc69dac84a32422ecced6a64d83e3119175dd5a70de8d31698fb7dd9

SHA512
684bf72d4c455e01110c82618ed6664c55d5857aeda49ec62c8bae170d531bc6b45915acff3d57322014aac073379957763d5b6eed5ac0a72f86685295a61968

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
c5d146d6b8385d1215a37f8ed8aba495

SHA1
2e7d86a543ddb6000ee1432c27c51f47b1d124c0

SHA256
c33c0f2b12cdf49f74bda91a43419298513f5d06987da6c695542b04f67e3b2c

SHA512
ab0e785f706f4954aed6ceeb9b6d0b1f10d31bb3b73bd417ecfeaa514b49091884c68aa290653bc400ac648772acc5f0818f1446326b34c110839579596f0854

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
f64a816e653835b07054fb6ff9c91524

SHA1
8a78b568a09bfa940d8d4c1d889c92dd962047ac

SHA256
f942e329bb4d8e844e2ee2cee3fa71212fbf26c1016a5dec8eaf529716d0479a

SHA512
32195c3faf677215d7e9a9c1809585c93b981edea59c111d41110df1a10913edce7b11d2ca12c83b01cc0fd57ce4667ad9f101fbff4273de4a020919e718dd10

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
479c2d95803f0796e6147651584770c7

SHA1
af841dcf234ea97c4ad601542e8b40f1f151b0eb

SHA256
7c95189b2b3c7fd487fc817cd68398a299a227dc19c36a4ae6ea2d11fe8f4d2c

SHA512
f6da75293316cce60561ed88746e645cef3fdfabcfd3d45d1325e8b01aefe9fd777393244cd8ca9d488a191f21c69a72e6fcb05e37ef231fed9a3d9747059e2d

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
32440933b987bf6ba619ffdd33dd60a1

SHA1
29e0ec2c5ff3e13b35472431c341c5714d2df9ff

SHA256
9ddce5b0d7a64eb42144e4cd3f492713750ac3ed4773b4d5d943eecf836e61c3

SHA512
2b6c8afa12f274556c037eeee7b5efa1a03f18ac1892ab5f2148d91eb891d31f3d8296b482a6ff717375599797c6bfc68d9777d837593bcbaef5ae73a4cae690

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
6a683e328992050084c7549250237c74

SHA1
43e949a6acb40d7419ce60ff45684fbcda02f2c9

SHA256
bf8b73e0a2fec416e037f6f439ea5ef63077343e9a8718607fe7365cf5774883

SHA512
ade1c284f1afa52c80a716c016454fedc5ea146a6691f5f2ae9864cdf8fd25fe75d5dc0558be5542b7840b58d94e544520fd634173a8136f5a9547c72d50da82

Download Submit
/data/user/0/com.network.android/pex.dat

Filesize
12KB

MD5
138d764910cb46a05b83d5af830dcfd4

SHA1
583dafb10cbfa0941821d9fe721b4a28498ae656

SHA256
0aa2c4123b0ccd2e11f3ea6bf425488da6b7db400745fb43e8563aa1d5f95731

SHA512
874b0c9745cb1446ae6e826e7888b08e1e7127b790bf3842093d16499175922a6305c7244c9b42a854cd7685bbe18d879cb057d59ed45bd30fd9dc11748e3584

Download Submit
/data/user/0/com.network.android/srcsu.dat

Filesize
8KB

MD5
f091e95aa696a326b4b948869fd3df78

SHA1
3e2b4a81bac630973a990ed1e9e0a973158a818a

SHA256
5f1c4d94b3c91704c3955b8954ce543eecb292da4a58b7c61e7592adcffa0f33

SHA512
0b5ed603ca79db5a98e2b4e24d98eecedc7bcdc660efb37241f9c3e40a68e9fab5caac53a1a4e3fb6cfd99ac40c0ab8acf63d4e5ff96c7ab03aebec4f87b35f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads