Analysis
-
max time kernel
3881307s -
max time network
130s -
platform
android_x86 -
resource
android-x86_arm -
submitted
20-11-2020 20:28
General
-
Target
nhc2.0.apk
-
Size
6.7MB
-
MD5
f84aa3c1612db042ada1a1828c4a793a
-
SHA1
8dc402560c79345e3078183cc058ae1503cc41c3
-
SHA256
9f18d696db294adf3fedcf2d0a0ab511d1b2bf1e569626ea0d84f4c7fd54db6d
-
SHA512
3521ddfdab300d04e66f88010d869ab354b6166af83bf578516e7de599a4adb2f052f218485b1eafc60b199da44da187ede852bfb568dde85272cb93e66107f9
Score
10/10
Malware Config
Extracted
AES_key
Signatures
-
Reads name of network operator 1 IoCs
Uses Android APIs to discover system information.
-
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
-
Suspicious use of android.app.ActivityManager.getRunningServices 1 IoCs
-
Suspicious use of android.app.ApplicationPackageManager.getInstalledPackages 1 IoCs
-
Suspicious use of android.os.PowerManager$WakeLock.acquire 3 IoCs
-
Suspicious use of android.telephony.TelephonyManager.getLine1Number 4 IoCs
-
Uses reflection 17 IoCs
Processes
-
com.nhc9202011203.activity11⤵
- Reads name of network operator
- Uses Crypto APIs (Might try to encrypt user data).
- Suspicious use of android.app.ActivityManager.getRunningServices
- Suspicious use of android.app.ApplicationPackageManager.getInstalledPackages
- Suspicious use of android.os.PowerManager$WakeLock.acquire
- Suspicious use of android.telephony.TelephonyManager.getLine1Number
- Uses reflection