General
-
Target
5a6d15bd4dc57e2379de737c26e48dee5dc2c456dda26b79384736fbbf51bc51
-
Size
954KB
-
Sample
221127-lsrstscb5t
-
MD5
539330d77023aa118d3a925b41dfb5b1
-
SHA1
f4049cfbb70399ce9b3b0f5d98f7cb4da1cd53b3
-
SHA256
5a6d15bd4dc57e2379de737c26e48dee5dc2c456dda26b79384736fbbf51bc51
-
SHA512
e4c9f546144d784d564b10cd452e92218ae24a774057a3c0f47a18d83a26c4e7b66f2045cb47a25cd224e4a73a3f0a4cf4753d41c59dc12faa7b1509213ed324
-
SSDEEP
12288:d/n4NsAWJ8SEk+Ng3yqD2x1KNyzLpWRhl7wG9nIPByD/91/cqtuEoDpMovhbgSoW:d/4mAw8SELNgWQse7wlZAP/ZMGovuC44
Malware Config
Targets
-
-
Target
5a6d15bd4dc57e2379de737c26e48dee5dc2c456dda26b79384736fbbf51bc51
-
Size
954KB
-
MD5
539330d77023aa118d3a925b41dfb5b1
-
SHA1
f4049cfbb70399ce9b3b0f5d98f7cb4da1cd53b3
-
SHA256
5a6d15bd4dc57e2379de737c26e48dee5dc2c456dda26b79384736fbbf51bc51
-
SHA512
e4c9f546144d784d564b10cd452e92218ae24a774057a3c0f47a18d83a26c4e7b66f2045cb47a25cd224e4a73a3f0a4cf4753d41c59dc12faa7b1509213ed324
-
SSDEEP
12288:d/n4NsAWJ8SEk+Ng3yqD2x1KNyzLpWRhl7wG9nIPByD/91/cqtuEoDpMovhbgSoW:d/4mAw8SELNgWQse7wlZAP/ZMGovuC44
Score8/10-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
-
Acquires the wake lock.
-
Checks Android system properties for emulator presence.
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Reads information about phone network operator.
-
Removes a system notification.
-
Uses Crypto APIs (Might try to encrypt user data).
-