Resubmissions

15/06/2021, 23:24

210615-csdph6r2wn 10

14/05/2021, 12:51

210514-gvbw3h83z2 1

Analysis

  • max time kernel
    302012s
  • max time network
    153s
  • platform
    android_x64
  • resource
    android-x64
  • submitted
    15/06/2021, 23:24

General

  • Target

    CB3BC74583A9DB083753AD994AD7B99A26E584DCB12ADC6EFC8699DCEFDC7051.apk

  • Size

    3.7MB

  • MD5

    d9a961119f96ed632a2542d97b3a0ae2

  • SHA1

    2d7554949e2dce191a9b73c6096ce2dab3c4c2b7

  • SHA256

    cb3bc74583a9db083753ad994ad7b99a26e584dcb12adc6efc8699dcefdc7051

  • SHA512

    8fe65a58d7509b6fca96ca7e926c86b1558b2ae735439a131a8d977879d19048f1b55275dc083c9595f74ceeea8815f211e133652c09c74014872d04cbb22f43

Malware Config

Signatures

  • BlackRock

    BlackRock is an Android banker based on the Xerxes banking Trojan.

  • BlackRock Payload 5 IoCs
  • Loads dropped Dex/Jar 4 IoCs

    Runs executable file dropped to the device during analysis.

  • Requests enabling of the accessibility settings. 1 IoCs
  • Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
  • Uses reflection 54 IoCs

Processes

  • leg.tilt.rocket
    • Loads dropped Dex/Jar
    • Uses reflection
    PID: 3638
  • leg.tilt.rocket:cproc
    • Loads dropped Dex/Jar
    • Requests enabling of the accessibility settings.
    • Uses Crypto APIs (Might try to encrypt user data).
    • Uses reflection
    PID: 3707

Network

MITRE ATT&CK Matrix
