General

  • Target

    pandemdonem.apk

  • Size

    1.9MB

  • Sample

    201120-2xy7kpx2aj

  • MD5

    fd5534277e4d730eec79803ceb1ca197

  • SHA1

    c1a8fa1606d2906c5cd3f24fa1a55a7ea63e077d

  • SHA256

    5056b30408c043e71269db908f27c95176613717946b7e60cb4ca899634505ca

  • SHA512

    accf44ed3a76cc1cb15075f638efeda5cef4ae248efe55d5b80fe1a469ad479badadd9ffbe28ff0aef61cb422d8dbf48e593da9854a7bde7e956dd168990a9ee

Targets

    • Target

      pandemdonem.apk

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).

    • Removes its main activity from the application launcher.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads name of network operator

      Uses Android APIs to discover system information.
