Overview

overview

8

Static

static

Android APK

android_x86_64

8

Analysis

  • max time kernel
    4203195s
  • max time network
    127s
  • platform
    android_x86_64
  • resource
    android-x86_64
  • submitted
    13-01-2021 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmpddh2p5rm.apk

  • Size

    2.5MB

  • MD5

    3f987e8f3855062d26a6253f75396c51

  • SHA1

    77d3c32f030542d9002857c1a24b8efc5a82270f

  • SHA256

    40b8a8fd2f4743534ad184be95299a8e17d029a7ce5bc9eaeb28c5401152460d

  • SHA512

    69b320438573e6e872f2f1a100535effd55bbfa02771fd5a9e9cd91c3d9589dc07aea7e2c9d60289e61f0d85a8700d26d32ddf1af79727e5237bc542c6c88559

Score
8/10
obfuscationstealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 3 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Suspicious use of android.app.ActivityManager.getRunningServices 25 IoCs
  • Suspicious use of android.os.PowerManager$WakeLock.acquire 1 IoCs
  • Suspicious use of android.telephony.TelephonyManager.getLine1Number 6 IoCs
  • Uses reflection 42 IoCs
    obfuscation

Processes

  • release.letter.excite
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Suspicious use of android.app.ActivityManager.getRunningServices
    • Suspicious use of android.os.PowerManager$WakeLock.acquire
    • Suspicious use of android.telephony.TelephonyManager.getLine1Number
    • Uses reflection
    PID:3634
    • release.letter.excite
      2⤵
        PID:3689
      • getprop
        2⤵
          PID:3689
        • release.letter.excite
          2⤵
            PID:3829
          • getprop
            2⤵
              PID:3829

          Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads