General

  • Target

    3c273166c5221614198a7bbe0ed8ed0738ca4b62321a8d44a43fa7353a9f7d70.zip

  • Size

    4.1MB

  • Sample

    241219-va6zgawkew

  • MD5

    16aa7bf904f0e97475dcd8e5e9704151

  • SHA1

    900335646d68cf3fe8dcf5edef3d3a9beda306ca

  • SHA256

    24dff35f884edbe5c1dad00ff4ceb6a429857f9eef9e179658105d77793df37b

  • SHA512

    158ac70a93d67b025501e872fe01e4301799f3e55c1de4da7e6ad061e41dbe1dc1cff34d06f0c7116e78537ad23fea04409fd66100ce8a846b28d4812eba1a64

  • SSDEEP

    98304:Yh/o/rqn8Kh2nT0Qwwe3OYzX6Xbw6BKwcfbRXaqS8iD7imn:YRL2TS3lzX8wW5MlS8i7

Malware Config

Extracted

Family

furball

C2

http://www.googleassisstants.com/mmh

Targets

    • Target

      3c273166c5221614198a7bbe0ed8ed0738ca4b62321a8d44a43fa7353a9f7d70

    • Size

      4.9MB

    • MD5

      25ebf4b9f77b51dc09eb8cb590d737e6

    • SHA1

      dd5f036a591611603b964e9c7bce3d901657b67b

    • SHA256

      3c273166c5221614198a7bbe0ed8ed0738ca4b62321a8d44a43fa7353a9f7d70

    • SHA512

      476d6d41484e1fbdba4cbf63539081b5616d1edc41fffc98062e87bfcfc7cdf2e3a195b8e64861ea7f31a7a26cb48f1c43a3cf5b006bf1d61d973a7607cc9a8b

    • SSDEEP

      98304:aPfQWnSNff2dCFZuM876xK9yx3qpA2DSaX+SexUQt7i0rJDuE:aAQv76oIx3qO2DeSemQjuE

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Queries account information for other applications stored on the device

      Application may abuse the framework's APIs to collect account information stored on the device.

    • Queries the phone number (MSISDN for GSM devices)

    • Reads the contacts stored on the device.

    • Reads the content of the call log.

    • Makes use of the framework's foreground persistence service

      Application may abuse the framework's foreground service to continue running in the foreground.

    • Queries information about active data network

    • Queries the mobile country code (MCC)

    • Queries the unique device ID (IMEI, MEID, IMSI)
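The behaviour tags above and the extracted C2 URL translate directly into two static triage checks: a scan of decompiled smali for the framework calls that would produce each tag, and an exact-host match for the C2 domain in DNS or HTTP logs. The following Python is an added example written for this page; it is not the sandbox's own rule set or code from the sample. The API-to-tag mapping is an assumption about which Android framework methods most plausibly back each tag, and the smali and log lines are constructed inputs, not content of the analysed APK.

```python
"""Static triage helpers derived from the report above.

Added example, not the sandbox's detection rules. The mapping from
behaviour tag to Android framework method is an assumption; the smali
and log lines below are constructed for illustration.
"""
import re
from urllib.parse import urlparse

# C2 URL exactly as extracted in the report; host is what we match on.
C2_URL = "http://www.googleassisstants.com/mmh"
C2_HOST = urlparse(C2_URL).hostname  # 'www.googleassisstants.com' (note the double 's')

# Behaviour tag -> regexes over smali invoke/sget targets that would
# plausibly trigger it. Assumed mapping, not the sandbox's own rules.
BEHAVIOUR_PATTERNS = {
    "clipboard": [r"Landroid/content/ClipboardManager;->getPrimaryClip\("],
    "account_info": [r"Landroid/accounts/AccountManager;->getAccounts(ByType)?\("],
    "phone_number": [r"Landroid/telephony/TelephonyManager;->getLine1Number\("],
    # Contacts and call log are read through content URIs, so the field
    # reference (sget-object ...->CONTENT_URI) is the useful anchor.
    "contacts": [r"Landroid/provider/ContactsContract"],
    "call_log": [r"Landroid/provider/CallLog"],
    # javac qualifies inherited calls with the subclass (Lcom/x/Svc;->
    # startForeground), so match the signature, not Landroid/app/Service;.
    "foreground_service": [r"->startForeground\(ILandroid/app/Notification;"],
    "active_network": [
        r"Landroid/net/ConnectivityManager;->getActiveNetworkInfo\(",
        r"Landroid/telephony/TelephonyManager;->getNetworkType\(",
    ],
    "mcc": [
        r"Landroid/telephony/TelephonyManager;->getSimOperator\(",
        r"Landroid/telephony/TelephonyManager;->getNetworkOperator\(",
    ],
    "device_id": [
        r"Landroid/telephony/TelephonyManager;->get(DeviceId|Imei|Meid|SubscriberId)\("
    ],
}
_COMPILED = {tag: [re.compile(p) for p in pats] for tag, pats in BEHAVIOUR_PATTERNS.items()}


def scan_smali(lines):
    """Return {tag: [line numbers]} (1-indexed) for each behaviour tag whose
    patterns occur in the given smali lines. One hit per line per tag."""
    hits = {}
    for no, line in enumerate(lines, 1):
        for tag, regexes in _COMPILED.items():
            if any(rx.search(line) for rx in regexes):
                hits.setdefault(tag, []).append(no)
    return hits


# Exact, case-insensitive host match: 'www.googleassistants.com' (one 's')
# or assistant.google.com must not fire on the typosquat C2 host.
_HOST_RE = re.compile(r"\b" + re.escape(C2_HOST) + r"\b", re.IGNORECASE)


def find_c2_references(log_lines):
    """Return indices of DNS/HTTP/proxy log lines that reference C2_HOST."""
    return [i for i, line in enumerate(log_lines) if _HOST_RE.search(line)]


# Constructed smali fragment (not from the sample) exercising five tags.
SAMPLE_SMALI = [
    ".method private collect()V",
    "    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;",
    "    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getLine1Number()Ljava/lang/String;",
    "    sget-object v1, Landroid/provider/CallLog$Calls;->CONTENT_URI:Landroid/net/Uri;",
    "    invoke-virtual {v2}, Landroid/content/ClipboardManager;->getPrimaryClip()Landroid/content/ClipData;",
    "    invoke-virtual {p0, v3, v4}, Lcom/example/Svc;->startForeground(ILandroid/app/Notification;)V",
    ".end method",
]

# Constructed log lines (not a real capture); only the first two are C2.
SAMPLE_LOGS = [
    "dns query A www.googleassisstants.com from 10.0.0.23",
    "GET /mmh HTTP/1.1 Host: www.googleassisstants.com",
    "dns query A assistant.google.com from 10.0.0.23",
    "dns query A www.googleassistants.com from 10.0.0.23",
]

if __name__ == "__main__":
    for tag, lines in sorted(scan_smali(SAMPLE_SMALI).items()):
        print(f"{tag:20s} smali lines {lines}")
    print("C2 log hits:", find_c2_references(SAMPLE_LOGS))
```

Run the script over `apktool d`-style smali output by reading the `.smali` files into `scan_smali`; the line numbers it returns point at the exact invoke or field reference to inspect. The foreground-service pattern is the one to get right in practice: matching on the declaring class would miss every real sample, since the call is emitted against the app's own Service subclass.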

MITRE ATT&CK Mobile v15

Tasks