5aa7753c8f3808c71dabecc458f665358053bc0205ca2e78849accb09bd4f8d3 | Triage

Analysis

max time kernel
149s
max time network
132s
platform
android_x64
resource
android-x64-arm64-20240624-en
resource tags

androidarch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240624-enlocale:en-usos:android-11-x64system
submitted
22-01-2025 04:33

Sharing

Report Analysis Logs

General

Target

Magisk.apk
Size

541KB
MD5

dc501babdc111ed3ea47d9af99586944
SHA1

7fcba82486c3896b527206575aa8f221f0112b81
SHA256

5aa7753c8f3808c71dabecc458f665358053bc0205ca2e78849accb09bd4f8d3
SHA512

bc18013676c273d2d88ba7739f9182236ecdaed6787ffcfe9eb2157399d2af6c76ddd47e33db9bab1b8fd94ac1a6c2a758eedc99cc7642d6ed9e669e8d209e23
SSDEEP

12288:VavjRH6+O//n3tKpSsM+1HA+jucMBfCb6vgdQPIwdgCir9k6amAs8U2b7m7+w:VYN6+ONjstgAul4bJLpCiBDRCUVh

Score

7^/10

collection impact privilege_escalation

Malware Config

Signatures

Reads the contacts stored on the device. 1 TTPs 1 IoCs

Contact List

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	com.elite

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.elite

com.elite
1⤵
- Reads the contacts stored on the device.
- Tries to add a device administrator.
PID:4563

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Protected User Data

Contact List

Command and Control

Exfiltration

Impact

Account Access Removal

Replay Monitor

Loading Replay Monitor...

Downloads