c97070f8385b8a821033a47e857a7cd43ac408fdcb0d5c3b2ef1ec2a727aea91 | Triage

Sharing

General

Target

Spotifyv8.9.76.538PremiumAmoled.apk
Size

76.0MB
Sample

241005-b6bnnasend
MD5

0bed01082eef3eac13719e0cb676746d
SHA1

e5384335da1add2d116f985ff8f3ce36f7d9c3e0
SHA256

c97070f8385b8a821033a47e857a7cd43ac408fdcb0d5c3b2ef1ec2a727aea91
SHA512

aca1d9a5ad9093c06613dcf29d57cf366321a63f3ca88fe5c711ad697072b2907a09d4c9dbe1ea0e1362f9ffd2b0748d440ae22eb2d821eb17a6e88bebfc5165
SSDEEP

1572864:YDVoeQtrK7DXW3AROfOguF7OJOt8WQKgu:7eQtrK7DWQw2zFi4Xgu

Score

8^/10

android discovery evasion persistence

Malware Config

Targets

- Target
  
  Spotifyv8.9.76.538PremiumAmoled.apk
- Size
  
  76.0MB
- MD5
  
  0bed01082eef3eac13719e0cb676746d
- SHA1
  
  e5384335da1add2d116f985ff8f3ce36f7d9c3e0
- SHA256
  
  c97070f8385b8a821033a47e857a7cd43ac408fdcb0d5c3b2ef1ec2a727aea91
- SHA512
  
  aca1d9a5ad9093c06613dcf29d57cf366321a63f3ca88fe5c711ad697072b2907a09d4c9dbe1ea0e1362f9ffd2b0748d440ae22eb2d821eb17a6e88bebfc5165
- SSDEEP
  
  1572864:YDVoeQtrK7DXW3AROfOguF7OJOt8WQKgu:7eQtrK7DWQw2zFi4Xgu
Score

8^/10

discovery evasion persistence
- Checks if the Android device is rooted.
  evasion
- Queries information about running processes on the device
  Application may abuse the framework's APIs to collect information about running processes on the device.
  discovery
- Acquires the wake lock
- Queries information about active data network
  discovery
- Checks the presence of a debugger
  evasion
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence