General

Target: Telegram.apk
Size: 73.3MB
Sample: 240630-1nth7awgkb
MD5: f8f1954eea472d48d91af5aca2abd2d3
SHA1: 0c283ed015582530fe9dda544e68db24e8508585
SHA256: 25f434ac85059d1a7636e3b6058e0499e16deeffbc8d8ed3ac2e55d90f7104a4
SHA512: e076acce0811975b08524712c78dc8860ac7892ec42167153200625a282bdc66ce101b629ca0784342aff896e16715b60bcf723574ae30e962cf6b7521c94a60
SSDEEP: 1572864:YYoB2pP6b4Y4thGMAN36zVoRfEbANBul340oq0wXQrtyH:Ywl64F8Z2oRfEE+LoqtAtyH

Static task: static1

Behavioral task: behavioral1
Sample: Telegram.apk
Resource: android-33-x64-arm64-20240624-en

Malware Config
Targets
Score: 7/10

Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.

Queries account information for other applications stored on the device
Application may abuse the framework's APIs to collect account information stored on the device.

Queries the phone number (MSISDN for GSM devices)

Reads the contacts stored on the device.

Reads the content of photos stored on the user's device.

Acquires the wake lock

Queries information about active data network