General

  • Target: mechat-v3.8.0-mod.apk
  • Size: 91MB
  • Sample: 230202-x1f7vaeg26
  • MD5: 50ff1efe92ad51e84faca312e6609b90
  • SHA1: 281aad0bd27c8e2ab54dc2ae47a47a359f0d40dd
  • SHA256: 5754442c1fbf7e7451f38f1af91e7475069f031b63db17a205b79610702abc66
  • SHA512: 0cd0d3c75778ad72c56455a2cda6ecd34e30d4981c05914c6d943bdb1604a83e1b9ed6b22a3ddadab2fe6bad6cfacec73a150563cfce1251c06d356d16ada2c2
  • SSDEEP: 1572864:Zg7GKLTGqm2Kqo2LJYSpa//PSQctyKx/1qmZHl7kp63uvnuTDQGjpxORR8:uLrKqPtYSpafSVYKZ1qm1egeeQGjpoRO

Malware Config

Targets

    • Queries a list of all the installed applications on the device (might be used in an attempt to overlay legitimate apps).
    • Acquires the wake lock.
    • Checks Android system properties for emulator presence.
    • Loads dropped Dex/Jar: runs an executable file dropped to the device during analysis.
    • Reads information about the phone network operator.
    • Removes a system notification.
    • Uses Crypto APIs (might try to encrypt user data).

MITRE ATT&CK Matrix

Tasks