smsworm | hxxps://freerobux[.]en[.]uptodown[.]com/android/download

Analysis

max time kernel
77s
max time network
84s
platform
android_x64
resource
android-33-x64-arm64-20240624-en
resource tags

androidarch:arm64arch:x64image:android-33-x64-arm64-20240624-enlocale:en-usos:android-13-x64system
submitted
19/02/2025, 19:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://freerobux.en.uptodown.com/android/download

Score

10^/10

smsworm infostealer spyware trojan

Malware Config

Signatures

Android SMSWorm payload 1 IoCs

resource	yara_rule
behavioral1/files/fstream-5.dat	family_smsworm

SMSWorm
SMSWorm is an Android malware that can spread itself to a victim's contact list via SMS first seen in May 2021.
trojan infostealer spyware smsworm
Smsworm family
smsworm

Checks CPU information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/cpuinfo	com.android.chrome

Checks memory information 2 TTPs 1 IoCs

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.android.chrome

com.android.chrome
1⤵
- Checks CPU information
- Checks memory information
PID:4278

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

files/dom-0.html

Filesize
220KB

MD5
ccdddd8b7200c2475ec7f968d65c5b58

SHA1
55918197731ddc1e7de014b35021b598fed731a3

SHA256
53337c8633009b25f04d37d64f58830ca5b1204788ed4c78bdec855de319fe27

SHA512
8927e9cc7df4e7f80aa2e658ef1453ac3ed6a3bbe9e1f977e256bfeeb6498a0bc8a5316fce56e5581e0ff16de88fe9d9f72a36c858239327c8bc577baa004677

Download Submit
/storage/emulated/0/Download/.pending-1740598955-freerobux-9-8.apk

Filesize
9.2MB

MD5
b9118686e011aba05435af55b4160943

SHA1
34bc9f74d4f4145baa74074d54e532c1e62c4891

SHA256
6de7edf048a8158b578762cba510bdba610deb1f02c841124f2a5aa64393a862

SHA512
d99e2c204e097d1187c1e4d52b30d31fbe0ecac91bf120ab3aa036596e13c51550f222291686310c097ba1a6be023d7de7297c39ef81dad23d9ceb71b940ea36

Download Submit
/storage/emulated/0/Download/.pending-1740598955-freerobux-9-8.apk (deleted)

Filesize
2.4MB

MD5
2176857486c2eaf931028240295f04eb

SHA1
5c800efae64493a78c0cc29e3b4d2864e23c25ce

SHA256
1f5908ff8e7492e334c7f652c9219319ff001582e10448e3fa77c90c0de972c3

SHA512
1ae06b2c4d8d04deb5c6736db55d1108ec05fa7c4577a03165f73f5276f283de9bfc0f4c2e8ee32a3c4865687fd4806966ab4939c9b48a3fa9ac2f1f1042305d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads