pegasus | ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5

Analysis

max time kernel
113s
max time network
137s
platform
android_x86
resource
android-x86-arm-20240624-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240624-enlocale:en-usos:android-9-x86system
submitted
17/12/2024, 18:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery infostealer persistence trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
infostealer trojan pegasus
Pegasus family
pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Queries information about active data network
- Registers a broadcast receiver at runtime (usually for listening for system events)
PID:4257

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
b1b07690091ef56446cb1e2105e92d78

SHA1
a7c2ff91432530df5e42131b557029d481f5f44e

SHA256
2cbd6c123ba0396b016401cc9590cf6b7ce23538f57398e34615cdd614bda3cb

SHA512
89f4f33b7cd99eb06c1ee71baba6724ac1297f006789070f4bb1441f0de113ad7685995884f47356f8bcfeb559c4e7d57d2dc2fc4321bda21208a87b1ba0bacb

Download Submit
/data/data/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
238a301eb3a75558adbe1e67ace7970b

SHA1
6df24b0878dac52b83251daa966c8c1c899ef8f2

SHA256
1c8e6012e0c7e07cb4ae52add099fffd6f10095a85b3517ee0d6071a0493bfe4

SHA512
68ffeba034daa9ba8042939e3d2fc71411f759678612628d449d807cde373d35a8d71d2c5aa4d19767df132ff1fcdf958edbf4347f016177e674e6a66031b1f0

Download Submit
/data/data/com.network.android/databases/NetworkManagerData.db-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.network.android/databases/NetworkManagerData.db-wal

Filesize
28KB

MD5
22c2ed15f2b81b5a665a3f13b098353a

SHA1
f89ed6e3373033630e90e4fc1df3b134c73b3df9

SHA256
5098990e422ce8c923e65d67a4c10fafb1fad45c3be869de4090f2a2c94f8b9c

SHA512
8e87920e2e19855ffe1cc94cc6d990ab0ab0089a74e57c41b0a38b2303d68ad32826beffb850facf8aab92fa40d44c5e6de91d0cb56dc9b2c91a5723eaef3a61

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
16cf2367274fa597076095d59733cd6a

SHA1
d566433b6aa93eb872f0f7c033d10e7b3c76080e

SHA256
fbb65bef1a0cfe8c33e958663593cfc57a9d997967709a6ecf7363dbfda4b3ff

SHA512
ed749afd46ed8df51d902ea1c0c25c92cfa461cf63a499a829eed3f6b85cdbc655fb5fd634eea0173a848b7c5980fd7fe1163ae0e778c8816532c6d07b8cc652

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
00eec7b91792033f3ec8836d7ad2b6a0

SHA1
8c9a53f8aa7a366ddff84827f4f50b1db46d33b5

SHA256
7bce92c98bf3bd4fefe070494bc3d47fd4521673fe4d14bff6f3ef5d519c17ae

SHA512
5f272104518a5c2a904b3335d8b738b0af97a19a3d915ebd091a604f2d70af94d0b13aadc34c4668d2891502ab4e3bb7fc9c43a426a13e9361718bdffab1de61

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
89ac99637f2aaee511a2bca2d2b4bd1f

SHA1
60353f579fcd7e348124ed757574846e863b024a

SHA256
c0b971af775834d2eb6fe70a43aea7f9c070ba0fa3988750fcbf85270cfe6657

SHA512
3a523031f9b57e2183de3c540b1203f0af4e78f1c1de6c786a6e330233c03849804987dcc93b16cae016c637ea988571b9c38bb7ebaf91805b838efa1b882aa2

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
c34b856958aabc5e519c0cd8ad7c8e6a

SHA1
b8e4bb3264d6f3f81d6d6c2181d425cbeb6e2fe5

SHA256
d29589154b409dd69f6b623fb2c02a2547f15867767e7651de41e2ceef7d3006

SHA512
d1bb49942d692a46ee4871860ddf786014c0823f408be22abb26d63f0ab0776c0dacadce6603eebc9fcfd092277da006983fdf8929b781d986da41b884df3388

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads