pegasus | ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5

Analysis

max time kernel
13s
max time network
20s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
14-12-2024 14:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

sample5.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery infostealer trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
infostealer trojan pegasus
Pegasus family
pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Queries information about active data network
PID:4541

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
b97bd2ad01697ad90da4c9fc1de10b5c

SHA1
8fea5806326c6353b7d5407ea78474b55141b48c

SHA256
58c5bd6566fe9bb553225d1e21a8e79d03cbbf611eb7c0de2568905929cf2ccf

SHA512
89b098ff11edc0db99cca5d6288777c089687f9fd96d92e0a6c4392be1161ebd698a2eeb914044ad26e87792f536eefae92504ee38171b270dd8722fe5565dc9

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
7afdc5caa0446f28d95a135822697b72

SHA1
0715a4340f430f350436e60aabd41f8529b375f1

SHA256
a53ce9b8fb5aec6fe423e4d37eb2eaac64898b7f6fb8c51757169da50571fb93

SHA512
0791cf8564b55eda371c6fae257a0c11931777cc27f0ba78ebdc90b189119099dc126e2cb6db545585633b88ee1389cc24f83485077fcc9fbaca942f7586f146

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
040ebb546066539d5bace40460ff6657

SHA1
5f57417f5037cc5c59983f75431b7444576a1fcf

SHA256
e8543e0aa4676eb625ce5b713085cf56958dbf7e262abbb907e334039edabaeb

SHA512
5c22e29deb7d299e3291364e7c7886645f6d7d3e49e8308d5df746b0d9094bfb993b90a4eea42ecbe004e1045fa172ea6793b0409222eeeeed3719fb5e961420

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
83b46a9003595c290070a35321254b20

SHA1
af83a64c55cbe5b684a3e98e4224e229e072a07c

SHA256
86c8335ec5b9c23b145101aafee5f961271fa70541451aa1a757c5b2ad7c591c

SHA512
1a74d54fb9f39f7dfb72dd0dcc57985328bcdb30f78f576bd5d025b301b968f0a3162541f88768fe453391d20285b960113a59d76fdb2db7cd9c9cb206474195

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
31a5dee5e000b7897f8a398c6e2174b9

SHA1
74369488239322f68791b625f3e697e53e4e5f8c

SHA256
e4c5389246c6934dd7c313e80926802b62620b08db7b1393630a2f0005105743

SHA512
147d48d2435aec97ace975ac2e8eddafd2c3262ec9e54272d5a69b6918d43fcf2e4fa8a945b7225818d8afb1e30f1082f5dd8b25c46b2e46f64f5ead4a319930

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
f64a816e653835b07054fb6ff9c91524

SHA1
8a78b568a09bfa940d8d4c1d889c92dd962047ac

SHA256
f942e329bb4d8e844e2ee2cee3fa71212fbf26c1016a5dec8eaf529716d0479a

SHA512
32195c3faf677215d7e9a9c1809585c93b981edea59c111d41110df1a10913edce7b11d2ca12c83b01cc0fd57ce4667ad9f101fbff4273de4a020919e718dd10

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
1ac9ec8476ab1c2f124500e4ca185bf0

SHA1
f8600d76a5df3ec53c2113f7f24c352046268dab

SHA256
ba6e14cfe94b94639ac6adbee8720ac4e27f14536ac057272c9ce91507a7b72e

SHA512
fed474ab1d82cd0f696017e629305b2598634449234b2564dbad52a767a7245d9602f3defb3d5f445a975b39e3c97002736b270bc03b3db50c60d67b796e18d4

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
217799137ef8ee03371f3ee50d59f492

SHA1
b51d7f64f48b4a644345ec7709f7d854dc407194

SHA256
009a8264f245456bdbbd2ddc197be33a1511e7a7da24da6cb5dc8154c80aea5b

SHA512
c5068c8f2828490793533165725a7f8229f9a87a327fc0f50c0496714d050b065fdecca34541936dca1ed9c886c5a435313fd0784abcedbc89c05d07309828da

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
9d8e5cde196edfd36de1dd641efdc8ec

SHA1
c9f61b6b65fd591981f5c04bbe06af4886a5e2cc

SHA256
3cc2b8f3da663e01518ca4585bb2069006aa89eb79f40d9321c0ac32e6770c6e

SHA512
cf7372fa7145e7851b2062c82b70fb46946361737d7106c263a87aa05d25fc57088d55c4198a18a4dfaf092dca40796d851e5aad35c53f64e3784269f8486d26

Download Submit
/data/user/0/com.network.android/pex.dat

Filesize
12KB

MD5
138d764910cb46a05b83d5af830dcfd4

SHA1
583dafb10cbfa0941821d9fe721b4a28498ae656

SHA256
0aa2c4123b0ccd2e11f3ea6bf425488da6b7db400745fb43e8563aa1d5f95731

SHA512
874b0c9745cb1446ae6e826e7888b08e1e7127b790bf3842093d16499175922a6305c7244c9b42a854cd7685bbe18d879cb057d59ed45bd30fd9dc11748e3584

Download Submit
/data/user/0/com.network.android/srcsu.dat

Filesize
8KB

MD5
f091e95aa696a326b4b948869fd3df78

SHA1
3e2b4a81bac630973a990ed1e9e0a973158a818a

SHA256
5f1c4d94b3c91704c3955b8954ce543eecb292da4a58b7c61e7592adcffa0f33

SHA512
0b5ed603ca79db5a98e2b4e24d98eecedc7bcdc660efb37241f9c3e40a68e9fab5caac53a1a4e3fb6cfd99ac40c0ab8acf63d4e5ff96c7ab03aebec4f87b35f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads