smsagent | 0e9f441aab2adab33397cd43e14be9cfeb1f19c76960de45013ac7ec6043d7de | Triage

Sharing

General

Target

Красный_Шарик..1.apk
Size

6.4MB
Sample

250203-t89mkswqfy
MD5

724f8953aa966c3de4ffeab4bb5e5234
SHA1

05f78bdcab2d34c3b3ad26f3951d7094e47bd242
SHA256

0e9f441aab2adab33397cd43e14be9cfeb1f19c76960de45013ac7ec6043d7de
SHA512

2f5856c2608ceb49996b4c3db32bba3ab003fd17d7e8937329276cfc94a72d74a95bdaa5ccf869c27b9e4f012e2b8875af86a52af01bbb19a6fc9d0b6a42d52d
SSDEEP

98304:yRAt0D2rXrWOTcFli436ZHY5q6YeG5f9IA9NKOtzIz4Tkxop7UWEc/xPaEmkl/GU:Tp+j36ZMDYTxZAOt1QsIp4xPaEmIsYT

Score

10^/10

smsagent android defense_evasion impact persistence

Malware Config

Targets

- Target
  
  Красный_Шарик..1.apk
- Size
  
  6.4MB
- MD5
  
  724f8953aa966c3de4ffeab4bb5e5234
- SHA1
  
  05f78bdcab2d34c3b3ad26f3951d7094e47bd242
- SHA256
  
  0e9f441aab2adab33397cd43e14be9cfeb1f19c76960de45013ac7ec6043d7de
- SHA512
  
  2f5856c2608ceb49996b4c3db32bba3ab003fd17d7e8937329276cfc94a72d74a95bdaa5ccf869c27b9e4f012e2b8875af86a52af01bbb19a6fc9d0b6a42d52d
- SSDEEP
  
  98304:yRAt0D2rXrWOTcFli436ZHY5q6YeG5f9IA9NKOtzIz4Tkxop7UWEc/xPaEmkl/GU:Tp+j36ZMDYTxZAOt1QsIp4xPaEmIsYT
Score

6^/10

defense_evasion impact persistence
- Acquires the wake lock
- Makes use of the framework's foreground persistence service
  Application may abuse the framework's foreground service to continue running in the foreground.
  defense_evasion persistence
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Foreground Persistence

Privilege Escalation

Defense Evasion

Foreground Persistence

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

defense_evasionimpactpersistence

behavioral2

impactpersistence

behavioral3

defense_evasionimpactpersistence