Overview

overview

8

Static

static

Android APK

android_x86_64

8

Analysis

  • max time kernel
    4203052s
  • max time network
    140s
  • platform
    android_x86_64
  • resource
    android-x86_64_arm64
  • submitted
    13-01-2021 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmpu_48zv95.apk

  • Size

    2.5MB

  • MD5

    e304f3eb9aa9e2d7c8a72e75807bface

  • SHA1

    86c91ffa5420c600e00e62a5528dac1cde7eb2dd

  • SHA256

    db2d8aa091a8b26c4282e621715cc6973070c8f2d56823b0f353d5373a1334e8

  • SHA512

    145d363b23101c01a1db85efefc1d0e2fa89cec82a47ad9a9cb0bf468cf5e7180970046eb1610fd33331c064ea4f64369ce8413259b5b38079726e5d9d5d2165

Score
8/10
obfuscationstealthtrojan

Malware Config

Signatures

  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Loads dropped Dex/Jar 2 IoCs

    Runs executable file dropped to the device during analysis.

  • Suspicious use of android.app.ActivityManager.getRunningServices 186 IoCs
  • Suspicious use of android.os.PowerManager$WakeLock.acquire 1 IoCs
  • Suspicious use of android.telephony.TelephonyManager.getLine1Number 6 IoCs
  • Uses reflection 42 IoCs
    obfuscation

Processes

  • bless.access.tumble
    1⤵
    • Removes its main activity from the application launcher
    • Loads dropped Dex/Jar
    • Suspicious use of android.app.ActivityManager.getRunningServices
    • Suspicious use of android.os.PowerManager$WakeLock.acquire
    • Suspicious use of android.telephony.TelephonyManager.getLine1Number
    • Uses reflection
    PID:4477

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads