76cf202099ae2312117a0ac1f590b7918927e53e49bd685bcc8b21f67efdf267 | Triage

Analysis

max time kernel
149s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
02-10-2024 12:37

Sharing

Report Analysis Logs

General

Target

ستينغراي_SonicR.apk
Size

537KB
MD5

5e858495b448cbeb35ea56d0c7e97aa8
SHA1

2239c8b6ee1719187f48c45ed355d51fdb26334d
SHA256

76cf202099ae2312117a0ac1f590b7918927e53e49bd685bcc8b21f67efdf267
SHA512

b42040189acbeb4b559a070222fae1a6f45d8d159a9ceddbfdfeef2f7454febc6bb0cd83b7d5a856f77ccc1539f48bd221a72dc4c68692a246f9c382aff8eedf
SSDEEP

12288:gBKvLZAwvUeK9wIkZH7x5cVS3EVqPlR6i0Ci3jM34D9u:YKvLZ6e7POS3EW6i0C+M3Su

Score

7^/10

collection impact privilege_escalation

Malware Config

Signatures

Reads the contacts stored on the device. 1 TTPs 1 IoCs

Contact List

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	com.scott.fnaf2

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.scott.fnaf2

com.scott.fnaf2
1⤵
- Reads the contacts stored on the device.
- Tries to add a device administrator.
PID:4499

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Protected User Data

Contact List

Command and Control

Exfiltration

Impact

Account Access Removal

Replay Monitor

Loading Replay Monitor...

Downloads