smsagent | d3c76dcafcd239e42481162a333b02bd7b94b8467c1680e9b7eba92fd795e109 | Triage

Sharing

General

Target

Roblox (1).apk
Size

6.3MB
Sample

250120-rf8tgasqez
MD5

45d0a54e86d0355be8010660eb0d5f69
SHA1

67b8d25d19d4c2fad1b6eee40f314c1a15460268
SHA256

d3c76dcafcd239e42481162a333b02bd7b94b8467c1680e9b7eba92fd795e109
SHA512

c11b33b5392111a9c00d9a5502a02dad40bfdb95261c65d2f1f708faef302412a168854db8289dad01e66886f756764fae950135c1f60a8aa1e192fcb2c1bced
SSDEEP

98304:QEwTQPRG6+5c+H7c3f7833DAlAMWLERdcmiWSRG76JaYyCZ2zjBNIXV7:hwTQA7c+3mAMaZmZkK6AYylzVNmB

Score

10^/10

smsagent android defense_evasion impact persistence

Malware Config

Targets

- Target
  
  Roblox (1).apk
- Size
  
  6.3MB
- MD5
  
  45d0a54e86d0355be8010660eb0d5f69
- SHA1
  
  67b8d25d19d4c2fad1b6eee40f314c1a15460268
- SHA256
  
  d3c76dcafcd239e42481162a333b02bd7b94b8467c1680e9b7eba92fd795e109
- SHA512
  
  c11b33b5392111a9c00d9a5502a02dad40bfdb95261c65d2f1f708faef302412a168854db8289dad01e66886f756764fae950135c1f60a8aa1e192fcb2c1bced
- SSDEEP
  
  98304:QEwTQPRG6+5c+H7c3f7833DAlAMWLERdcmiWSRG76JaYyCZ2zjBNIXV7:hwTQA7c+3mAMaZmZkK6AYylzVNmB
Score

6^/10

defense_evasion impact persistence
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  defense_evasion persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

defense_evasionimpactpersistence

behavioral2

behavioral3