otpstealer | 1f8ce705944a8ebaba255cd8e5dfdf7ef642d1fc4e88b83bebe69d2c03b42f01 | Triage

Resubmissions

27/11/2024, 09:54

241127-lxnlzavpdm 10

05/12/2023, 11:00

231205-m366yaaf3t 7

Sharing

General

Target

pam_sigma_sbrf_ru_81693638.apk
Size

12.1MB
Sample

241127-lxnlzavpdm
MD5

7882ee34e47db793d7f7857b9690d6cb
SHA1

3e92b7951f4517cc69615a7579a7327923157bc6
SHA256

1f8ce705944a8ebaba255cd8e5dfdf7ef642d1fc4e88b83bebe69d2c03b42f01
SHA512

50e97155d5cb4da585fe065710708120edc840091f8d6b714579980e7fd0b28d7863e666b7fdcf7a98bf4e80fc2223fd6d9847b66f8d6e2b02c44f3f5b74abaf
SSDEEP

393216:O/9zr7/UoBVqJbFaXeFo4MZICqubvjaUuT6Fu:kzXMoV4lYZIJfeu

Score

10^/10

otpstealer android collection discovery impact

Malware Config

Targets

- Target
  
  pam_sigma_sbrf_ru_81693638.apk
- Size
  
  12.1MB
- MD5
  
  7882ee34e47db793d7f7857b9690d6cb
- SHA1
  
  3e92b7951f4517cc69615a7579a7327923157bc6
- SHA256
  
  1f8ce705944a8ebaba255cd8e5dfdf7ef642d1fc4e88b83bebe69d2c03b42f01
- SHA512
  
  50e97155d5cb4da585fe065710708120edc840091f8d6b714579980e7fd0b28d7863e666b7fdcf7a98bf4e80fc2223fd6d9847b66f8d6e2b02c44f3f5b74abaf
- SSDEEP
  
  393216:O/9zr7/UoBVqJbFaXeFo4MZICqubvjaUuT6Fu:kzXMoV4lYZIJfeu
Score

6^/10

collection discovery impact
- Legitimate hosting services abused for malware hosting/C2
- Reads information about phone network operator.
  discovery
- Requests changing the default SMS application.
  collection impact
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Protected User Data

SMS Messages

Command and Control

Exfiltration

Impact

SMS Control

Tasks

static1

behavioral1

collectiondiscoveryimpact