triada | fa0ec07848c52ed7d545d04e91c4d83dbcf85291bdbdf4e8777dfff280a530b8 | Triage

Sharing

General

Target

WhatsAppPlus_V30.25_ByAlhendi.apk
Size

72.3MB
Sample

250320-1mwbdsyxgz
MD5

a3a93a4f8b3eb811d93bae8a8ed17f7f
SHA1

74f943f2ef9cf67a652fe0a21e4131e00364f0d8
SHA256

fa0ec07848c52ed7d545d04e91c4d83dbcf85291bdbdf4e8777dfff280a530b8
SHA512

7e5afc4f73238a1364025d4bf2106e0998157570b7b4b1690c897f0845784edf4fc6b88d3cd7e7ba0a1ad93510a300ddfdf3f2a80be2b67b2c25d03ac890fa39
SSDEEP

786432:C34p5zbfmabH7obbsDYUt3GlEdn7p6GCy9chHS6FbXST9+7OoJPCQaG1M3q2875c:Co72aXibXUblShysJPC2DTPwpJ4UT9p

Score

10^/10

triada android discovery evasion execution impact persistence

Malware Config

Targets

- Target
  
  WhatsAppPlus_V30.25_ByAlhendi.apk
- Size
  
  72.3MB
- MD5
  
  a3a93a4f8b3eb811d93bae8a8ed17f7f
- SHA1
  
  74f943f2ef9cf67a652fe0a21e4131e00364f0d8
- SHA256
  
  fa0ec07848c52ed7d545d04e91c4d83dbcf85291bdbdf4e8777dfff280a530b8
- SHA512
  
  7e5afc4f73238a1364025d4bf2106e0998157570b7b4b1690c897f0845784edf4fc6b88d3cd7e7ba0a1ad93510a300ddfdf3f2a80be2b67b2c25d03ac890fa39
- SSDEEP
  
  786432:C34p5zbfmabH7obbsDYUt3GlEdn7p6GCy9chHS6FbXST9+7OoJPCQaG1M3q2875c:Co72aXibXUblShysJPC2DTPwpJ4UT9p
Score

7^/10

discovery evasion execution impact persistence
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Acquires the wake lock
- Queries information about active data network
  discovery
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Information Discovery

System Network Configuration Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Tasks

static1

behavioral1

discoveryevasionexecutionimpactpersistence