General

  • Target

    0544fe1ed5f3802d6564eeadd0b01da06d9dba2ab3e2606fd8a82bfba65fd9e3.bin

  • Size

    3.9MB

  • Sample

    241015-11b5nstfmr

  • MD5

    2c252cce9360476c8205cb2e37b37953

  • SHA1

    7e2dc05bae7999fa4fb7555e3e61c4b8a2170a4c

  • SHA256

    0544fe1ed5f3802d6564eeadd0b01da06d9dba2ab3e2606fd8a82bfba65fd9e3

  • SHA512

    80576f1b5ecb748ae300b33dd004133d3bcb53ad78c619c0e047d3a26049b14794b79b3526d5bc43a7dfd68704900a14ae5edba60c5f62c777aaddceb0ea2844

  • SSDEEP

    98304:xPNDljbAZKTgmd4QQ0nl7cz1q/Guv7A0pCuTPBq/G:PlgKT3aQGM5vk0pCm8G

Malware Config

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps)

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Reads the content of the call log.

    • Acquires the wake lock

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries the unique device ID (IMEI, MEID, IMSI)

MITRE ATT&CK Mobile v15

Tasks