triada | accd5b8d9825f5b06118489eb29e6c5d77d880b4c7091e2a161b41764dbf3aa2 | Triage

Sharing

General

Target

WALITEX_1.60.1_CLONE.apk
Size

74.2MB
Sample

250107-sk4kzsyjfl
MD5

a1989f3d8ac2c3a28b91aa76be43c602
SHA1

604489d79a89a8f30ed37bbaf2d468cb2da59c37
SHA256

accd5b8d9825f5b06118489eb29e6c5d77d880b4c7091e2a161b41764dbf3aa2
SHA512

5c86ae367be9d3bc4b6505c238acfecc196acf879052b29932ed2a8b3e319ea53a9c2fe262c608362f5f617bb84192a9006c174a31eb8fad77a484e7e32e6db2
SSDEEP

1572864:kIK9ZgB5oOUTYbCK7v9andxULjzlXjKwobSjuKxcAe:BMaBmfT6CHXClXuVsuKG

Score

10^/10

triada android discovery evasion execution impact persistence

Malware Config

Targets

- Target
  
  WALITEX_1.60.1_CLONE.apk
- Size
  
  74.2MB
- MD5
  
  a1989f3d8ac2c3a28b91aa76be43c602
- SHA1
  
  604489d79a89a8f30ed37bbaf2d468cb2da59c37
- SHA256
  
  accd5b8d9825f5b06118489eb29e6c5d77d880b4c7091e2a161b41764dbf3aa2
- SHA512
  
  5c86ae367be9d3bc4b6505c238acfecc196acf879052b29932ed2a8b3e319ea53a9c2fe262c608362f5f617bb84192a9006c174a31eb8fad77a484e7e32e6db2
- SSDEEP
  
  1572864:kIK9ZgB5oOUTYbCK7v9andxULjzlXjKwobSjuKxcAe:BMaBmfT6CHXClXuVsuKG
Score

7^/10

discovery evasion execution impact persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionexecutionimpactpersistence

behavioral2

discoveryevasionexecutionimpactpersistence