smsworm | 1e359eac2575feafc8202c4d5b0558952c16c6468b99aee35170508c175ddb73

Analysis

max time kernel
246s
max time network
261s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
17-10-2024 16:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

android.html
Size

104KB
MD5

ff496339e50076173997a871b26aeaf9
SHA1

8f985baaa1c9ce53170b1068f71062b7e1f16b05
SHA256

1e359eac2575feafc8202c4d5b0558952c16c6468b99aee35170508c175ddb73
SHA512

97c5a30a2f58a565747c24bfb0bb8e864b5283615026fe8ea387eb3d979e1cdf7acda2451ea56e4e4501a4f3089d46893168d02eb66d30e7491d37b7a22b446d
SSDEEP

3072:SyFdr/s4uxHQZxxxAGO4kAspa3EgBlpbPj6Xaj7T4:5ruRGO4kAspa0gBLbI

Score

10^/10

smsworm infostealer spyware trojan

Malware Config

Signatures

Android SMSWorm payload 1 IoCs

Processes:

resource	yara_rule
/storage/emulated/0/Download/.pending-1729788971-finagro-movil-agronegocio-1-1.apk	family_smsworm

SMSWorm
SMSWorm is an Android malware that can spread itself to a victim's contact list via SMS first seen in May 2021.
trojan infostealer spyware smsworm
Checks CPU information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.android.chrome

description ioc process

File opened for read /proc/cpuinfo com.android.chrome
Checks memory information 2 TTPs 1 IoCs

System Checks
T1633.001

System Information Discovery
T1426

Processes:

com.android.chrome

description ioc process

File opened for read /proc/meminfo com.android.chrome

description	ioc	process
File opened for read	/proc/cpuinfo	com.android.chrome

description	ioc	process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4392

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/storage/emulated/0/Download/.com.google.Chrome.8S0L7q

Filesize
10.1MB

MD5
baa787019d844b899f23f73b20d3405e

SHA1
2bc3fe3e4cedf182a0bc0eea61cf1338d2ae8c32

SHA256
72c6b43eac05c3fa6a7bfff48676b39244052f81faad39597795a7af2504f37c

SHA512
03621d7904c26a3a339d42b4e614d047409bf1f64ef20868bbd2fc9bbf12589cd5f0588bbf8fc17dfaa32eff0da5b096f3151bb6e8da9dd96d03f7942a06a09b

Download Submit
/storage/emulated/0/Download/.com.google.Chrome.ynZvzw

Filesize
6.5MB

MD5
1f38cc830328f595b6b381a497276612

SHA1
0b5cf5d2dbd1fe56c98bf94531c7de2025c97883

SHA256
3c81a48177565ddd6f7b3b180e32413d208dc63016808b32038a7def3f4429fa

SHA512
e15423d719b2d36b3fd5ba7204fcc04fe6eac46a3b5d2c76fd9aba28a596f7e6db3a0f4bad93ed6937d46c15cdd1e889e2f542476fadfc3a224a66a78a2c7a94

Download Submit
/storage/emulated/0/Download/.pending-1729788971-finagro-movil-agronegocio-1-1.apk

Filesize
10.1MB

MD5
f1875c69e264c638a22114660f1bead4

SHA1
6929e624422cfc79fdb23ae8f2e4583d69143893

SHA256
97a7b881d8c76c60491a42d2027b0e73ce94db8f74b9d751d115e7c08900d55f

SHA512
5186eb98206caf20acfc075d3d5158ab89a2bc384a6137ca7787795d3f08db7b8988cd8b58b81d7ce3b77ca5f5ffda1ee6f23b39d7921772254b32e39fce8d41

Download Submit
/storage/emulated/0/Download/.pending-1729788971-finagro-movil-agronegocio-1-1.apk (deleted)

Filesize
1.5MB

MD5
673340c748d477156a720fbaa951ae8c

SHA1
853e40099e8ab227f0dbde537f8979e454191a72

SHA256
40ded316dbf294ba74739e6ad2354d5f174c35b7012b26076265e0042bbb5436

SHA512
a12c507e3c87f60a10bc95c18be1b4db3d8df659370d92a96bfb74c2618faedcd2b2caa35ccec9a22c359d2ae4cd8a1873b9a1d24be47b26425f74a9d7569474

Download Submit
/storage/emulated/0/Download/.pending-1729788978-finagro-movil-agronegocio-1-1 (1).apk (deleted)

Filesize
10.6MB

MD5
07d4c604673e1cf234bf527c1b757f69

SHA1
271aa4e17e66b75ce65295b64b1d90e105243f60

SHA256
b579b712d3127ef50ff85000318d3d705772deea580d7e2ea88c75db543ce397

SHA512
ac028d2e7dcfbecdf0b6b58077b8ff66e89de6205455178608e677c7c6a2644d54e6393bb2a9d7548af8e107a81e561a22ab7da3f6801c1bf66012104ee7e3df

Download Submit
/storage/emulated/0/Download/.pending-1729789174-finagro-movil-agronegocio-1-1.apk

Filesize
10.1MB

MD5
158c05329d0a3d4884178ffb43852d2c

SHA1
349071d8fa8e2f9cc72d413c2749f32d0eb33a60

SHA256
0feae2c84654587c5cf3102d8f73e39a19004311f60770dea69fc9aef63ffaf2

SHA512
565ff5cd233cd14927941eb9016593456620066c44d893ada9e693b88779b10e22a4ea5e8f3f1b25f4190f35997fed0c5d3ea38a9c19f51a259b7db4a797e347

Download Submit
/storage/emulated/0/Download/.pending-1729789174-finagro-movil-agronegocio-1-1.apk (deleted)

Filesize
7.0MB

MD5
44f5c6eaf0b53e9c2a4ce2f4349fb296

SHA1
bd00e7a8c7c46e9ed89ad282fbddb885c23ed540

SHA256
d554f1254e8399061dab145ed40df1fb7709ffce43fc6ff5a8eaeb842e4ce33f

SHA512
56749dec50b15dbde11067961dca6493c025965ba0f1becba73666ba579fc0c695a36c8936eaf15e1a9c046ce07e1933d511dea03923235bd376a9cba1a0439c

Download Submit