Overview

overview

7

Static

static

7

TokenPocketPro.apk

android-9-x86

7

hook.apk

android-9-x86

hook.apk

android-10-x64

hook.apk

android-11-x64

libexec.so

ubuntu-18.04-amd64

1

libexecmain.so

debian-9-armhf

1

hook_.apk

android-9-x86

hook_.apk

android-10-x64

hook_.apk

android-11-x64

libexec.so

ubuntu-18.04-amd64

1

libexecmain.so

ubuntu-18.04-amd64

1

libhook

ubuntu-18.04-amd64

libhook

debian-9-armhf

libhook

debian-9-mips

libhook

debian-9-mipsel

libhook_

ubuntu-18.04-amd64

libhook_

debian-9-armhf

libhook_

debian-9-mips

libhook_

debian-9-mipsel

mobile.v2.13.5.html

windows7-x64

1

mobile.v2.13.5.html

windows10-2004-x64

1

privacy.html

windows7-x64

1

privacy.html

windows10-2004-x64

1

privacy_en.html

windows7-x64

1

privacy_en.html

windows10-2004-x64

1

terms.html

windows7-x64

1

terms.html

windows10-2004-x64

1

terms_en.html

windows7-x64

1

terms_en.html

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    TokenPocketPro.apk

  • Size

    38.3MB

  • Sample

    230524-m9pv8scb66

  • MD5

    62d3af25fc2d322158bc34e847beae2f

  • SHA1

    b6a9134776a9a84c65fe0de8622e59aa54df1b4b

  • SHA256

    cbfbf0f209b9e549217672e1849cca232c80831088161a1e5bcd2d6b8acef079

  • SHA512

    c9af22d0391c1583e9fa564fe4c242428ad7f379129c1fd4478a0aa7d6961f9fdb22c8fefd57f855081580a5f624ad64829dff227173c01fe166b91ea530e0e9

  • SSDEEP

    786432:v5InWT3AWdT4jWjQbW+HO/P4L7adGT4l3kQsngW8NX:vP3ldT4ajMHk4LADl3w0X

Score
7/10
androidlinux

Malware Config

Targets

    • Target

      TokenPocketPro.apk

    • Size

      38.3MB

    • MD5

      62d3af25fc2d322158bc34e847beae2f

    • SHA1

      b6a9134776a9a84c65fe0de8622e59aa54df1b4b

    • SHA256

      cbfbf0f209b9e549217672e1849cca232c80831088161a1e5bcd2d6b8acef079

    • SHA512

      c9af22d0391c1583e9fa564fe4c242428ad7f379129c1fd4478a0aa7d6961f9fdb22c8fefd57f855081580a5f624ad64829dff227173c01fe166b91ea530e0e9

    • SSDEEP

      786432:v5InWT3AWdT4jWjQbW+HO/P4L7adGT4l3kQsngW8NX:vP3ldT4ajMHk4LADl3w0X

    Score
    7/10

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Requests dangerous framework permissions

    behavioral1

    • Target

      hook

    • Size

      1.9MB

    • MD5

      49045adf22481adf952391038d086630

    • SHA1

      be6986385a49d149235aed8cc830e36e443ee405

    • SHA256

      fe0594030d7e0dcd01eefbe3032b708f51ccb35a71f494d7daabaa136221c946

    • SHA512

      d8393f3f5f54ba40452696162c0bc48d37c90602a98ed12b691daa70cade6f0b2937db51e283bc665fe8869e9715db7fb6d6404d5b4c64318d8fbb942ac331a9

    • SSDEEP

      49152:Aceg8gt5IZTRKIAVCCng9e2VquBCAj/tJ77pyiLbFB:cRgg7KIqCCAeAquBjtN7pygbb

    Score
    1/10
    behavioral2behavioral3behavioral4

    • Target

      libexec.so

    • Size

      477KB

    • MD5

      86e1d60b3babb210ce8ab40bbe6e0765

    • SHA1

      5fcbaa110d918b98e3cd472814b9efe1ad1e05aa

    • SHA256

      655964e9e18a5d63a3ab49d10b0fb0df93053410165746bee618f7c0d74818ca

    • SHA512

      343565f2c4a2dc4e53286e7de3a5c0ef8385094b67180a0261b38e606297e15ba5409a0fa6d556a32a03ca45cb40713028192849ff81dbb67f83546d2b9ef328

    • SSDEEP

      12288:GqlZM62LUggEARb+yxii7tRYpBlqgs9W:j12LUHeyxv7Zl

    Score
    1/10
    behavioral5

    • Target

      libexecmain.so

    • Size

      27KB

    • MD5

      7ef209331e80eece92a1ab98350c3c53

    • SHA1

      e43707d5c8125139affa10dd5ef1297030384196

    • SHA256

      6d620953829a1d01742aa455303cdc4733dbef0dbcdebc8bfbb31b64230eaed6

    • SHA512

      4733cdd1a4b872b2565e748ddd431bdb3b363baa6b48d4b1cb587030d0f6e4513de066c9be12f0823cc4316c90025aea424dac8a40af0295a2954093c311de88

    • SSDEEP

      384:rDiOpz3/w4bif+hQr6f1O2dRiShm6oFWGntH7+V6xj0BmfP6rA9af5ZqjO8E8:rDb5hAC1OLtpQBm6rA9enIo

    Score
    1/10
    behavioral6

    • Target

      hook_

    • Size

      25KB

    • MD5

      dbfc0bd4ca40d84afc4c6e42bbbc3d2f

    • SHA1

      83fbe4a1d94690cb243e825d62149c8685f22c26

    • SHA256

      6840a058cf1c8ff82af2eebef2aeb8c2d3baae8f9a58ec2949c73b7e79887247

    • SHA512

      a67bbf1f4910e482e3ecf41e43e0a2a516992b3782d950c9b5727e3feaeab9696c66483867f648447031a168f43e9d98a3538bdee05cfd9b6c16ab3b03af8bd0

    • SSDEEP

      768:AAf+gDi70UQuoe+0MQDxIrNEzHKr1DR4ojodeG:TJi7xoj5NEzKBt0deG

    Score
    1/10
    behavioral7behavioral8behavioral9

    • Target

      libexec.so

    • Size

      501KB

    • MD5

      c854b7027626c41c636039de502c8d97

    • SHA1

      31f7303007f2ceaab0f24984a557f5747221a9e3

    • SHA256

      29600e1cbb06fac497cf829970e773f4333a7d77bdf88305d1ecac70dc32d854

    • SHA512

      15dc648d7652ed461692a2c92cdb2c09b09229b087f6c4637ecb309074f05f7fa929be53278dfb4683581938f3f69206aba39686192b6aeb8a3cf6b86af1c0f1

    • SSDEEP

      12288:CrsRJ5/Z64ymRiQT6PSUCsAnMa0w9CGE7YX2TedrruR:C8plyQiXS9JnMa3oGE7YnrqR

    Score
    1/10
    behavioral10

    • Target

      libexecmain.so

    • Size

      29KB

    • MD5

      95439a4bc7611fb68f147d9fbf8d00a6

    • SHA1

      6e62f7d1e2766a6396456b8e190bbc3dc1470ab2

    • SHA256

      4d07e36fba16733b974a6ac160c0fd16b58781c095f175c14ecf5ab557f88253

    • SHA512

      a3ea3098d2021958df2a1ecc3809e2db50462c16669c04c73b874fc2c8df716d9add5d3e704f3ac22f4511c2dcc0fedad7ed11a79e7a4a9a6539d8d502ff499c

    • SSDEEP

      384:ujb+TqzdrSE4WW+9JE4wGHNWrUOEQeroOtmGzLaGZqj0hE8:ujhNSED9JhHkrUO40OtmaLamIB

    Score
    1/10
    behavioral11

    • Target

      libhook

    • Size

      2.6MB

    • MD5

      fd1f04c8a39cecb5000147f7668e9497

    • SHA1

      d4b2191ce0e08f1585f7de0655c45ed5ce138ea7

    • SHA256

      f779de23f73ece6ac49be88eb99833f9b3a050b4ec2cc2c3b81cce559f9eac9f

    • SHA512

      cb4a0dfb0dadeaaedb5dc187cdbb43840296de2742e26fafe32867fe08dab4d533d3c5bbd7d58d9b4fc189701c163a346f7cd7b93be8d1d209c3b00eb778c7bf

    • SSDEEP

      49152:1lg4buFaDHUfdY1SbCXBx0osYANvqp6QmX2cuGWky87c8Q:1l2YDa+QCXBxbsYqQyX21Ay8Q8

    Score
    1/10
    behavioral12behavioral13behavioral14behavioral15

    • Target

      libhook_

    • Size

      761KB

    • MD5

      3f1a18103924bf605411a50661f11bfc

    • SHA1

      f72828ebe169a34ae83e9d528f43a5c22e1946c8

    • SHA256

      9da600da8446455804e0536bb07a2e7c5ecdae42d66e3beb738696cc0d36b796

    • SHA512

      e3227f7c222e6bc789a9c179d112abe173f8177ed893134e5206064aabd82f15cacc45b98a73a41b9f0ebb011a635156aec2f486d016118c047ebd6466eff0ae

    • SSDEEP

      12288:yMcnvq3Ljz0UG6BoDps/UvmkGaRXZivTBwFYWsb+4ZGEfJvIhn:y1q3fz0UwEaRAT24kGy

    Score
    1/10
    behavioral16behavioral17behavioral18behavioral19

    • Target

      mobile.v2.13.5.html

    • Size

      34KB

    • MD5

      99a22f904d0b3be0be39512362cd66b0

    • SHA1

      9aedd2534ec61ed7c64b9e5bced0eb784c6e3aa3

    • SHA256

      c3f58eea603bc9847c3dbf4feef3101ea6263654ef71c80a7220c374613ff75d

    • SHA512

      2299edbddf9690306d481ff81872f17e40538a98556f0da358d1181feb1693ca66f1e220c617c1a62e70a14f9f3c4dfe02d780a5573fe28b6876cc1f530bb23e

    • SSDEEP

      768:9FbVWxByZZJn1tGtXatUu9RliUg/ZwHqFQDH:9TTZwWUu9R4Iqq

    Score
    1/10
    behavioral20behavioral21

    • Target

      privacy.html

    • Size

      18KB

    • MD5

      21d89229a66d5392d2d71a09a8cf4b1d

    • SHA1

      bf8b389e5c00c2b32c104b078a5360810f0d14a3

    • SHA256

      ed47fd38188f4252f9a1380d5dd68897118e0fe2e0f7ffdb9f80b1a2654d9dc0

    • SHA512

      c513ce8b397ade361ca953b327c46b2363da8a7ca8dd01992daa130b864991d953878a461380e1f340a8db52693c1179ba7b85e5c5de3019e3b739fb17134597

    • SSDEEP

      384:2LC5+9iaRZ/sOB9kCnp5Q8BZHACa1WkMOJnbArKmlOPmLkJG4snCz6oM:D5iLA31WBOJnbArKmMPmLkOnu67

    Score
    1/10
    behavioral22behavioral23

    • Target

      privacy_en.html

    • Size

      23KB

    • MD5

      90b5536fd4c068d775162a5c30e51d12

    • SHA1

      89084f11768cba8aaeab6024f770d78946037571

    • SHA256

      e9c2176da205c194762b11812ab5fab2dfc2f1030fa49d475658f6fa7b0d3f9b

    • SHA512

      56f55c0e99ecd01d54f634112f726722c86b9b66bb9f25c448b8a227ee3e65eef1c77c7d34ca3501d8469345d8b76f468f2b0378baa56024f1101b341fef82e0

    • SSDEEP

      384:201C5+9iagdmtZ/XPpB0dmtRDn0Ppdmc8PLIT1qk00vNhFXgfLprDpfGv8tQH//k:25tl5RstST6OvtbLbdO

    Score
    1/10
    behavioral24behavioral25

    • Target

      terms.html

    • Size

      38KB

    • MD5

      f729d41750d178fe0ab4fc1afc3718ed

    • SHA1

      02f29b20da5bfeaa6e3eca081c27ab1373a857cd

    • SHA256

      8c7cea35f312572db38b75c8c24d649100bdebc8a9d8de04cea1097e76929377

    • SHA512

      4897b57fb39929a6e0e6ef5c8b4564e0d8459833cb8cb5e07cc41f9adde62c1566f7d60a4182a5db46c7eab846e40f603f376671ef234ac3780b6b1b288a5312

    • SSDEEP

      768:T5cWKuGuo1fN3b+SE8cLEU3JY+qheFPVOFGJnTMDvShSP3kk:TS1FpVN4rdVPg0JQOhSP3kk

    Score
    1/10
    behavioral26behavioral27

    • Target

      terms_en.html

    • Size

      48KB

    • MD5

      b8378e2860aeadf2435ce69d3b3dbb4b

    • SHA1

      9304d68d89ef8dd1ca1620105987d34fd19ed391

    • SHA256

      1b57094037c2b0a71ace549fea1bfc9e155e3a493e4f3219adf7ea0123e6136d

    • SHA512

      0fe1ea178b7db217f49c563bb1862cc250f535ab8f9c864c9030b08e8398945aa8e9924317559c583364db3dfd9a65e70ea6554253655ac3e340f854ae3a6132

    • SSDEEP

      1536:VXrihmfdArPNW7KLhM4xUG0PvHS79YGThjdsrTJPYtzkmkFzr:V7ihfPuIM4xzx79YG9jMYtz2d

    Score
    1/10
    behavioral28behavioral29

MITRE ATT&CK Enterprise v6

Tasks