b1f3839bedc8d8f68c4fea803e5e164bb8e3e9cbed586e8cad2c9e373e40a324 | Triage

Sharing

General

Target

Spotify-v8.9.74.568_arm64-v8a.apk
Size

72.5MB
Sample

241001-walh7swcpf
MD5

8afe724ca2e560d11acd12372df69d58
SHA1

785e09783dcd7cadae42290d87cb6b2572877d94
SHA256

b1f3839bedc8d8f68c4fea803e5e164bb8e3e9cbed586e8cad2c9e373e40a324
SHA512

e6252e316ad72edf66425c9f8e73f0f94cdc858df11fa04580257c735d5aea7a8155a30a9f81e0d3dfe6634b6c11051e964c878447f83ca91d832b90b63d5f9e
SSDEEP

1572864:ZX0SOHhePEg5IKEkRe0tVSHsG+zCMylyezUP6yJ4H:ZvWUIK/e0tUHxiCMvfP6i4H

Score

8^/10

android discovery evasion

Malware Config

Targets

- Target
  
  Spotify-v8.9.74.568_arm64-v8a.apk
- Size
  
  72.5MB
- MD5
  
  8afe724ca2e560d11acd12372df69d58
- SHA1
  
  785e09783dcd7cadae42290d87cb6b2572877d94
- SHA256
  
  b1f3839bedc8d8f68c4fea803e5e164bb8e3e9cbed586e8cad2c9e373e40a324
- SHA512
  
  e6252e316ad72edf66425c9f8e73f0f94cdc858df11fa04580257c735d5aea7a8155a30a9f81e0d3dfe6634b6c11051e964c878447f83ca91d832b90b63d5f9e
- SSDEEP
  
  1572864:ZX0SOHhePEg5IKEkRe0tVSHsG+zCMylyezUP6yJ4H:ZvWUIK/e0tUHxiCMvfP6i4H
Score

8^/10

discovery evasion
- Checks if the Android device is rooted.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion