smsagent | d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2 | Triage

Sharing

General

Target

Tasker_6.4.9-beta_arm64-v8a_armeabi-v7a_x86_x86_64_mod_apkdone.apk
Size

40.1MB
Sample

250114-sdxh4a1lhs
MD5

a3e67dd6627319f1bf57f22d47bd779e
SHA1

785d513dc4be4cfa90f41ad18e6935ffe8d5a2e3
SHA256

d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2
SHA512

7fe2023bebbaef5fc57001430f20483b127480b9342d7edf0866b08f65eb10e6b046f782e312cf6e73fd04324be311b74d80f2eb39c95a375c9293b66d1324ff
SSDEEP

786432:clLgf64/Szm6qRr8PwCQ7I+j7P3AAUsYi2IRSPzOdmdljlVWgXijsIJe:clgd/SSCPoD7PQALX2I4Pzsmd4gSI8e

Score

10^/10

smsagent android collection credential_access discovery evasion impact persistence

Malware Config

Targets

- Target
  
  Tasker_6.4.9-beta_arm64-v8a_armeabi-v7a_x86_x86_64_mod_apkdone.apk
- Size
  
  40.1MB
- MD5
  
  a3e67dd6627319f1bf57f22d47bd779e
- SHA1
  
  785d513dc4be4cfa90f41ad18e6935ffe8d5a2e3
- SHA256
  
  d14247ea058ba1c1e625370d00dcfc41afd69275065be576abb008936dc87db2
- SHA512
  
  7fe2023bebbaef5fc57001430f20483b127480b9342d7edf0866b08f65eb10e6b046f782e312cf6e73fd04324be311b74d80f2eb39c95a375c9293b66d1324ff
- SSDEEP
  
  786432:clLgf64/Szm6qRr8PwCQ7I+j7P3AAUsYi2IRSPzOdmdljlVWgXijsIJe:clgd/SSCPoD7PQALX2I4Pzsmd4gSI8e
Score

7^/10

collection credential_access evasion impact persistence discovery
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  evasion persistence
- Queries the mobile country code (MCC)
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Hide Artifacts

User Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

collectioncredential_accessevasionimpactpersistence

behavioral2

collectioncredential_accessevasionimpactpersistence

behavioral3

discoveryevasionimpactpersistence