smsagent | 364748453f92475d6e408c554b26eebaf4d951d85b80c04c41fa916183a6257d | Triage

Sharing

General

Target

Red_Cube.3.apk
Size

6.4MB
Sample

250120-ybtbjsvrew
MD5

3f020099ef8579a422e171e23f737185
SHA1

7e2ce2da55903a347aa0227776888ef3cd7b0495
SHA256

364748453f92475d6e408c554b26eebaf4d951d85b80c04c41fa916183a6257d
SHA512

f76411b37d19fb443e28d3969a34b771a5154e1e9e323f16b0ad14ad4fc5a84d9a682e87c557db5478082faaa9a582f46db17c3159777c3bb8984c0534d385d5
SSDEEP

98304:LRAtiM4n4saGOZBVm+h2t4edOjuG5f9IA9RvCt9l0p7UWEc/xPaE30ZJqUoaj:ygMlm+4dcxZAtXYIp4xPaEj0j

Score

10^/10

smsagent android defense_evasion impact persistence

Malware Config

Targets

- Target
  
  Red_Cube.3.apk
- Size
  
  6.4MB
- MD5
  
  3f020099ef8579a422e171e23f737185
- SHA1
  
  7e2ce2da55903a347aa0227776888ef3cd7b0495
- SHA256
  
  364748453f92475d6e408c554b26eebaf4d951d85b80c04c41fa916183a6257d
- SHA512
  
  f76411b37d19fb443e28d3969a34b771a5154e1e9e323f16b0ad14ad4fc5a84d9a682e87c557db5478082faaa9a582f46db17c3159777c3bb8984c0534d385d5
- SSDEEP
  
  98304:LRAtiM4n4saGOZBVm+h2t4edOjuG5f9IA9RvCt9l0p7UWEc/xPaE30ZJqUoaj:ygMlm+4dcxZAtXYIp4xPaEj0j
Score

6^/10

defense_evasion impact persistence
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  defense_evasion persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

defense_evasionimpactpersistence

behavioral2

impactpersistence

behavioral3

defense_evasionimpactpersistence