abf4118ecb99406542662456108db883a0aabfdd536be577a9f2b9d298d86d5d | Triage

Analysis

max time kernel
149s
max time network
161s
platform
android-11_x64
resource
android-x64-arm64-20240910-en
resource tags

arch:armarch:arm64arch:x64arch:x86image:android-x64-arm64-20240910-enlocale:en-usos:android-11-x64system
submitted
24/03/2025, 04:33

Sharing

Report Analysis Logs

General

Target

Elite antivirus.apk
Size

531KB
MD5

b1030f4d303423fc820de7fcca1e2ff1
SHA1

f2a5ebb77d3dde3041f9d35fcaeec6aec2499e0d
SHA256

abf4118ecb99406542662456108db883a0aabfdd536be577a9f2b9d298d86d5d
SHA512

b7d74e8bcfa604a291800f3cc1ee3fa6c77b6baf10d2636ede688b8cba736772473b0f059535abac593b1f464245ce62bc17532dfc265a7781100577acb22b2a
SSDEEP

12288:NcVS3E28sccs6iDsGJsOoF5GA6yaaJjRH6+O//n3tKpSsM+1HA+F2A:NOS3E28Xcs6iAGJ2p7ayN6+ONjstgBA

Score

7^/10

collection impact privilege_escalation

Malware Config

Signatures

Reads the contacts stored on the device. 1 TTPs 1 IoCs

Contact List

description	ioc	Process
URI accessed for read	content://com.android.contacts/data/phones	com.elite

Tries to add a device administrator. 2 TTPs 1 IoCs

privilege_escalation impact

Device Administrator Permissions

Account Access Removal

description	ioc	Process
Intent action	android.app.action.ADD_DEVICE_ADMIN	com.elite

com.elite
1⤵
- Reads the contacts stored on the device.
- Tries to add a device administrator.
PID:4778

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Device Administrator Permissions

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Protected User Data

Contact List

Command and Control

Exfiltration

Impact

Account Access Removal

Replay Monitor

Loading Replay Monitor...

Downloads