pegasus | ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5

Analysis

max time kernel
103s
max time network
160s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
17/12/2024, 18:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery infostealer trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
infostealer trojan pegasus
Pegasus family
pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Queries information about active data network
PID:4716

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
d1c8ff5237b88aea6dac021e27b7bdb1

SHA1
7fac35ff6bf296ab51ddd148c4fe4f523c911284

SHA256
33296943127d6d3a0d6be9a727e05f812d6aa9a6b184c83599568e018b659237

SHA512
41ed800ca0349ee36cb308ec4c4c75dbb4b233212b98016ab51aba9ffe2eb2f780b08991230d2c087fb6976269322e1cb8103aa672bd675639da61344fb81479

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
f06579cb58a639feb7d29a61b48d1c7d

SHA1
7ce1cb368be0f10584c6cc2934a99becbcbeddd4

SHA256
090536cf0f5f478df1b601800600ad27269750fc1032ec33e32150cf57657d94

SHA512
fe83e45941500d002f788f8222104214518e16a29576c6c885951a9b53087a10be9753a75aefdda5e84c3bfc6c2b6338db46abdf6c77566d96146e290a4ac5c4

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
c9da35a54c64786ec7d44c4c0b460832

SHA1
39badf3b11294904943a800c1850fe899a04f614

SHA256
a23b3d9b88c5c03b254c4c17b3538599d1627bfec41cbab157f61035210d90b7

SHA512
acb6955764741c8e8ae4fbda2c158d4fddfa384afbfca795f1126ae8967c52d07a9c79e3faa5a1d5f7a1eb31cc0ed8e9846ccb9786d8996fcec42c4bb30e8e54

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
a8225c55e979f7eca7dad779a1eeaec3

SHA1
0b1e6148c6588ae8540c97aeb5ae98ac7e14d9a9

SHA256
8e128a72a3ada82b65030f644243a2280dc752a889fb242ac8387fa787ffcde5

SHA512
0df03d6adbf3399aa5f188b9e6a8c9b5611f1edc49af396a72747467bf7a918534c76f28ebc69740dda6348271febd78df9d8dffa44d5b54e9331cbb9cfecd4f

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
a3aee01326e3debb707d237ad87a5e12

SHA1
259f8492cd5c7cbb8a07ec4a1f6bc182d974c407

SHA256
7148a3dab50e14b5e5ce0dc987125374ffb055ed3f9d5ef74c0f849acd3cd28d

SHA512
d17252f18d6856c62361308335630fe47f7ec3e89a8d077eeae70d9f3fab58d03b1d2f41827595b2e7776c8558565410256b238a2909408b12abcb6a69f77142

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
f64a816e653835b07054fb6ff9c91524

SHA1
8a78b568a09bfa940d8d4c1d889c92dd962047ac

SHA256
f942e329bb4d8e844e2ee2cee3fa71212fbf26c1016a5dec8eaf529716d0479a

SHA512
32195c3faf677215d7e9a9c1809585c93b981edea59c111d41110df1a10913edce7b11d2ca12c83b01cc0fd57ce4667ad9f101fbff4273de4a020919e718dd10

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
3398caf7ee017b8a78bd46a225b546bd

SHA1
ae739473b988659c20063bec65854fd01a022c89

SHA256
b9fae22bd1c489170213edbe9e316d600744258201e8552d122df40e05c861fc

SHA512
cf13bb3fd7f2bb0793691bd7a409b35d5c8cd6a761bbf6bb4bafd5139ade80b49416e1783a683e040f51b30f7e096182f8fe2a78e054ee1bb8b6ef9a64105108

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
6f89e825c7311dac3e93f907bfa024a5

SHA1
57785546db913966358757c9a395f26dc295ecd9

SHA256
3c87c596508c8f25c38ba24fb209fc0cc49875ed7177d1b99f77a5e4f5825866

SHA512
98b45ff3c2ee0950cc7c1ba56a3359a949863a1bff1fff87ce69ecfbdb543e60b72627f4b7ebf14f81a480e0c3ddf6d67889c8f8badda2d665de07ef66e89886

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
dab15e36efb7be2ca20162117b173975

SHA1
9f5b96baf943e35c74f922fa4335c5c6bf73093e

SHA256
1153b36567e9c1212ae96ccbb844931d047f6463f47415f27edef68d836104c7

SHA512
5efcb0af4b1e7db879bda76532565e762f2fcfc6a96b94395fb66caa807dd8bb43ae637f27690a244e01560d16e5bf4815854fd943fd1accef6bf324fe53ab86

Download Submit
/data/user/0/com.network.android/pex.dat

Filesize
12KB

MD5
138d764910cb46a05b83d5af830dcfd4

SHA1
583dafb10cbfa0941821d9fe721b4a28498ae656

SHA256
0aa2c4123b0ccd2e11f3ea6bf425488da6b7db400745fb43e8563aa1d5f95731

SHA512
874b0c9745cb1446ae6e826e7888b08e1e7127b790bf3842093d16499175922a6305c7244c9b42a854cd7685bbe18d879cb057d59ed45bd30fd9dc11748e3584

Download Submit
/data/user/0/com.network.android/srcsu.dat

Filesize
8KB

MD5
f091e95aa696a326b4b948869fd3df78

SHA1
3e2b4a81bac630973a990ed1e9e0a973158a818a

SHA256
5f1c4d94b3c91704c3955b8954ce543eecb292da4a58b7c61e7592adcffa0f33

SHA512
0b5ed603ca79db5a98e2b4e24d98eecedc7bcdc660efb37241f9c3e40a68e9fab5caac53a1a4e3fb6cfd99ac40c0ab8acf63d4e5ff96c7ab03aebec4f87b35f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads