smsworm | b5fd30b9b94327212e8b21f8cfb376b07178b84caca5dc686f51389ff120fb37 | Triage

Sharing

General

Target

base (3).apk
Size

9.8MB
Sample

241027-bkpcmaseqj
MD5

b15051dc78c8a32ad26bea20f30655fb
SHA1

ffb552d6760d74f77a599fb76903bd734767fccb
SHA256

b5fd30b9b94327212e8b21f8cfb376b07178b84caca5dc686f51389ff120fb37
SHA512

b6c9501ccb193f0a714591a7c31d8fdc475f211edfbea6bf1887d34a122313706683bf57bc7f4e3d3d010906923dfee62aed9baf9ab0811b651bdce6f44b3988
SSDEEP

196608:qSHwc4KsH8xP0wau0dxwNROdyPpC3bRfay9rx8zHzfTvqqs9RV:jQDBdxuEOCdBeHvu

Score

10^/10

smsworm android discovery evasion execution persistence

Malware Config

Targets

- Target
  
  base (3).apk
- Size
  
  9.8MB
- MD5
  
  b15051dc78c8a32ad26bea20f30655fb
- SHA1
  
  ffb552d6760d74f77a599fb76903bd734767fccb
- SHA256
  
  b5fd30b9b94327212e8b21f8cfb376b07178b84caca5dc686f51389ff120fb37
- SHA512
  
  b6c9501ccb193f0a714591a7c31d8fdc475f211edfbea6bf1887d34a122313706683bf57bc7f4e3d3d010906923dfee62aed9baf9ab0811b651bdce6f44b3988
- SSDEEP
  
  196608:qSHwc4KsH8xP0wau0dxwNROdyPpC3bRfay9rx8zHzfTvqqs9RV:jQDBdxuEOCdBeHvu
Score

8^/10

discovery evasion execution persistence
- Checks if the Android device is rooted.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Queries the mobile country code (MCC)
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Event Triggered Execution

Broadcast Receivers

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionexecutionpersistence

behavioral2

discoveryevasionexecutionpersistence