1f8ce705944a8ebaba255cd8e5dfdf7ef642d1fc4e88b83bebe69d2c03b42f01

Resubmissions

27/11/2024, 09:54

241127-lxnlzavpdm 10

05/12/2023, 11:00

231205-m366yaaf3t 7

Analysis

max time kernel
2s
max time network
34s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
27/11/2024, 09:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

pam_sigma_sbrf_ru_81693638.apk
Size

12.1MB
MD5

7882ee34e47db793d7f7857b9690d6cb
SHA1

3e92b7951f4517cc69615a7579a7327923157bc6
SHA256

1f8ce705944a8ebaba255cd8e5dfdf7ef642d1fc4e88b83bebe69d2c03b42f01
SHA512

50e97155d5cb4da585fe065710708120edc840091f8d6b714579980e7fd0b28d7863e666b7fdcf7a98bf4e80fc2223fd6d9847b66f8d6e2b02c44f3f5b74abaf
SSDEEP

393216:O/9zr7/UoBVqJbFaXeFo4MZICqubvjaUuT6Fu:kzXMoV4lYZIJfeu

Score

6^/10

collection discovery impact

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
6	raw.githubusercontent.com
7	raw.githubusercontent.com

Reads information about phone network operator. 1 TTPs
discovery

System Network Configuration Discovery
T1422

Requests changing the default SMS application. 2 TTPs 1 IoCs

collection impact

SMS Messages

T1636.004

SMS Control

T1582

description	ioc	Process
Intent action	android.provider.Telephony.ACTION_CHANGE_DEFAULT	com.example.myapplication

com.example.myapplication
1⤵
- Requests changing the default SMS application.
PID:4223

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control