General

  • Target

    iPhoneWhatsapp.apk

  • Size

    76.5MB

  • Sample

    241006-ha3wlayepd

  • MD5

    b650bfd2cec0ca68674d105a8f894021

  • SHA1

    70691961150319d20d4dd017b65a7647fd6e6e7f

  • SHA256

    7c1cc01519d2c6140df19ad8611c2d26afaff3aa3930a1847b8f7d3570a52ae1

  • SHA512

    0b55278cd747564730333572bce669bb06d0d1326754d80bc36eb6bf062bdcf9b4222e28cfa0790514358480adf077bc77d79c3f1d2e7823b083ba54fa56cf2c

  • SSDEEP

    1572864:AUEKAF1smH40qwr25mQlhN0uKGSSFMMUpX:UhF1smH40Ijv6uKGSGMtX

Targets

    • Patched UPX-packed file

      Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

    • Acquires the wake lock

    • Legitimate hosting services abused for malware hosting/C2

    • Queries information about active data network

    • Reads information about phone network operator

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
