pegasus | cdc4645f8705dd614528ac63a6cecce5b35dc931ce15d6c5421c91b47cb860e6

Analysis

max time kernel
112s
max time network
150s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
22/03/2025, 12:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5.apk
Size

257KB
MD5

7c3ad8fec33465fed6563bbfabb5b13d
SHA1

e5920f3723e62e1850157f09baf556006bf80f74
SHA256

ade8bef0ac29fa363fc9afd958af0074478aef650adeb0318517b48bd996d5d5
SHA512

75da7c118879d9430fb13c5a51d76e1278f0c1474d5cc25c4b9684b7d8c0f93b2e44584eee0f8b0d12016bc1efad367b45ff9ca5609853ae345b6d802ff63d10
SSDEEP

6144:OiJF1SCwcTjQGPihLcfUmu9XuS0nbkDIyTkRJ0P1d41RiFV1iFuU:OqF1VHzqLcfIJ4bqIeP9d4jkKFuU

Score

10^/10

pegasus collection discovery stealer trojan

Malware Config

Signatures

Pegasus
Pegasus is a commercial Android spyware first seen in 2016.
stealer trojan pegasus
Pegasus family
pegasus

Reads the contacts stored on the device. 1 TTPs 1 IoCs

collection

Contact List

T1636.003

description	ioc	Process
URI accessed for read	content://com.android.contacts/contacts	com.network.android

Reads the content of the browser bookmarks. 1 TTPs 1 IoCs

collection

Data from Local System

T1533

description	ioc	Process
URI accessed for read	content://browser/bookmarks	com.network.android

Reads the content of the call log. 1 TTPs 1 IoCs

collection

Call Log

T1636.002

description	ioc	Process
URI accessed for read	content://call_log/calls	com.network.android

Queries information about active data network 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.network.android

com.network.android
1⤵
- Reads the contacts stored on the device.
- Reads the content of the browser bookmarks.
- Reads the content of the call log.
- Queries information about active data network
PID:4795

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Connections Discovery

T1421

Lateral Movement

Collection

Data from Local System

T1533

Protected User Data

T1636

Call Log

T1636.002

Contact List

T1636.003

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
818f67cac6747cfbe013015fcf186692

SHA1
7f57cc8b627f5a47e5531a32d87135a446016f68

SHA256
26dd644e1bbadfe6c904975af09ef758fbc09118f65df84f8f1eda4fc56919c1

SHA512
7c63b7c32db2a4b9d03bed5a2fec47c6ee5b1ba7c8ed629e2b0fefff3edefefd54b732159a8c34767a4f1403d4dda09dd9609c7e35ba5412625aad5d7925b2b8

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
d2762d9ef385c6161e64242aad081b0a

SHA1
cd2b37878d35118fa51f8fc987a6b29b110a0a5f

SHA256
641fb3523d28b85eeb624f513fb0e2e6b785a93494ce701d29e95d08797d9018

SHA512
8bce75f1014471284c151266f628c34798dcee0f386647ab41b28bb8e0162d6b4e0d0fc8699d00296e2ccd306d5a6776e02c86cd06f83eb705dedf36ab7a98bd

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
11bb9305af169a0d724c21d1a7c29005

SHA1
ab791cc591e7221161de4d17d9952c964d77a2ca

SHA256
0c9b262c030a7c7ebf2aa05d42beecd895e87a6a9b377633f1715f24d7491b8d

SHA512
fa289a98a3db1bfe7ce5f977188601aa3f2e4dc19b71b7869c98d632510d80a07167a6707383baa8ce3d80389758896bd9224481a7479e1a3cc4993b94e6d4f1

Download Submit
/data/data/com.network.android/logs/0vlt.dat

Filesize
12B

MD5
207a1637530d3b1f02bacf0e26c8f491

SHA1
bf266012776961661498001ad56e9e9d625d03bd

SHA256
bbfece5ae2611d03d58b097bde2d77dc2a63dde25852d43a284159bd05a23f40

SHA512
08ae541ad0b124b1f125b22d30fafde78166bfdaea6686a8aede09019edf8d940d16e6eec72916f81bf17077d33dfa16472fc88ba670d28ba5415277be3d3a7d

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db

Filesize
16KB

MD5
f64a816e653835b07054fb6ff9c91524

SHA1
8a78b568a09bfa940d8d4c1d889c92dd962047ac

SHA256
f942e329bb4d8e844e2ee2cee3fa71212fbf26c1016a5dec8eaf529716d0479a

SHA512
32195c3faf677215d7e9a9c1809585c93b981edea59c111d41110df1a10913edce7b11d2ca12c83b01cc0fd57ce4667ad9f101fbff4273de4a020919e718dd10

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
c2fd1b62b4a01a6e3e486fefd4c6c9a4

SHA1
ac00866b6dbd5d85688273e533eb0f084f6734ac

SHA256
dc2b863967c16af36a64be13f74e613211a87dfe8261ecff6373b75f2632ba24

SHA512
4e96673f4f1148d7f25e8b39c7d5d0507dbbc01e4ab970f9d69ed06fc87cb4b812f8b6163fa81dfe6805e3a1948cb16ed0301760a23cfaa11325ec61b44274d9

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
8KB

MD5
5e6024b6869f10ce2423f841e16f269a

SHA1
0531003868d51113c9c047b7b2482ccb899f9a4c

SHA256
11efbf3a6e72dee2420c42c9662be90e069dd872d4a2da9230cfdee32e5a7398

SHA512
facfd1a8d2b4e27c1aa45013567ed3a9b38a4d81f92f0efc8dd030d4d33fbe10da67fe7ef766f6a93ce478e8d5a7a6034e56d3469f9c78f280a29293555745d7

Download Submit
/data/user/0/com.network.android/databases/NetworkManagerData.db-journal

Filesize
512B

MD5
170f6043628c2c17328c521099947ed4

SHA1
3e673d0a5b5bd411abea2c248bb99c3c3bcbaa57

SHA256
9a8284fcdeff1e47a9788244889e5f4a908f34b5cd20ea489f956b2aa60f5dd8

SHA512
b36a54faa550c115871df05fa4f933444b704a144fc8189188c7eaa196965437276dbd24552af34646b919d0356ce6a97cea373ef96a5d4f7b5609b36df43384

Download Submit
/data/user/0/com.network.android/pex.dat

Filesize
12KB

MD5
138d764910cb46a05b83d5af830dcfd4

SHA1
583dafb10cbfa0941821d9fe721b4a28498ae656

SHA256
0aa2c4123b0ccd2e11f3ea6bf425488da6b7db400745fb43e8563aa1d5f95731

SHA512
874b0c9745cb1446ae6e826e7888b08e1e7127b790bf3842093d16499175922a6305c7244c9b42a854cd7685bbe18d879cb057d59ed45bd30fd9dc11748e3584

Download Submit
/data/user/0/com.network.android/srcsu.dat

Filesize
8KB

MD5
f091e95aa696a326b4b948869fd3df78

SHA1
3e2b4a81bac630973a990ed1e9e0a973158a818a

SHA256
5f1c4d94b3c91704c3955b8954ce543eecb292da4a58b7c61e7592adcffa0f33

SHA512
0b5ed603ca79db5a98e2b4e24d98eecedc7bcdc660efb37241f9c3e40a68e9fab5caac53a1a4e3fb6cfd99ac40c0ab8acf63d4e5ff96c7ab03aebec4f87b35f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads