Analysis
max time kernel: 175s
max time network: 1776s
platform: android-9_x86
resource: android-x86-arm-20240910-en
resource tags: arch:arm, arch:x86, image:android-x86-arm-20240910-en, locale:en-us, os:android-9-x86, system
submitted: 18-12-2024 11:48
Behavioral task
behavioral1
Sample
ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Resource
android-x86-arm-20240910-en
Behavioral task
behavioral2
Sample
ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Resource
android-x64-20240910-en
Behavioral task
behavioral3
Sample
ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Resource
android-x64-arm64-20240910-en
General
Target: ADE8BEF0AC29FA363FC9AFD958AF0074478AEF650ADEB0318517B48BD996D5D5.apk
Size: 257KB
MD5: 7c3ad8fec33465fed6563bbfabb5b13d
SHA1: e5920f3723e62e1850157f09baf556006bf80f74
SHA256: ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512: 75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP: 6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU
Malware Config
Signatures
Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
Pegasus family
Reads the contacts stored on the device. 1 TTPs 1 IoCs
description: URI accessed for read; ioc: content://com.android.contacts/contacts; Process: com.network.android
Reads the content of the browser bookmarks. 1 TTPs 1 IoCs
description: URI accessed for read; ioc: content://browser/bookmarks; Process: com.network.android
Reads the content of the call log. 1 TTPs 1 IoCs
description: URI accessed for read; ioc: content://call_log/calls; Process: com.network.android
Queries information about active data network 1 TTPs 1 IoCs
description: Framework service call; ioc: android.net.IConnectivityManager.getActiveNetworkInfo; Process: com.network.android
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
description: Framework service call; ioc: android.app.IActivityManager.registerReceiver; Process: com.network.android
Processes
Network
MITRE ATT&CK Mobile v15
Downloads