09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f | Triage

Sharing

General

Target

09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f.bin
Size

3.7MB
Sample

250328-12xsrsstgt
MD5

36990bdc96888e3208cf66f48a0753c0
SHA1

7e9edb033481a067233a98ec5d44cc6865b50d40
SHA256

09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f
SHA512

6158e7c06a34c7e120fb8793abe542cee65fa602cce40d7cb4e39b5f37d040277214b95427b7e529cd2e6371651124a57a48de48499190d3284a45b4cba4ea6a
SSDEEP

98304:bd2ZrsgEiIK/z2fHENYVCXKrtmkQcaWqpL:QDIi2fkNz4tmkfaWqx

Score

7^/10

android banker defense_evasion discovery evasion persistence

Malware Config

Targets

- Target
  
  09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f.bin
- Size
  
  3.7MB
- MD5
  
  36990bdc96888e3208cf66f48a0753c0
- SHA1
  
  7e9edb033481a067233a98ec5d44cc6865b50d40
- SHA256
  
  09e3ce20bce52705b8a881dab468844bf408dc31e5f039662851bc3df1e1364f
- SHA512
  
  6158e7c06a34c7e120fb8793abe542cee65fa602cce40d7cb4e39b5f37d040277214b95427b7e529cd2e6371651124a57a48de48499190d3284a45b4cba4ea6a
- SSDEEP
  
  98304:bd2ZrsgEiIK/z2fHENYVCXKrtmkQcaWqpL:QDIi2fkNz4tmkfaWqx
Score

7^/10

banker defense_evasion discovery persistence evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Queries the phone number (MSISDN for GSM devices)
  discovery
- Reads information about phone network operator.
  discovery
- Requests disabling of battery optimizations (often used to enable hiding in the background).
  defense_evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Hide Artifacts

User Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdefense_evasiondiscoverypersistence

behavioral2

bankerdiscoverypersistence

behavioral3

bankerdefense_evasiondiscoveryevasion