97407f534fdc551ed2b568c7bf7b6df69c984fda5c03c518499fee4af7f6bbc2

Sharing

Copy URL

Twitter E-mail

General

Target

telelatinomobile_TVNDW.apk
Size

38.1MB
Sample

230612-cw679abb7t
MD5

0d4227a509c678e5dc3fc885c812227c
SHA1

36e1e8c5e35e9130a7e66ad869003b68417a315b
SHA256

97407f534fdc551ed2b568c7bf7b6df69c984fda5c03c518499fee4af7f6bbc2
SHA512

44cf032ad855fd1efc3af2f429babd1ab440fb565e898ad6422c26da9b5fea6b3708965f318ff81bc1f2322c18ba65ec00f444db72b16f61a109ef2fe984bc08
SSDEEP

786432:fU5xzWq3IfxsV7SzWq3IfDADCZnDGj4eAuJjgmZvjZMwonu0cdaMbDYhn0Vc5dLz:c5dn3esBen3EADCZGj4JuMwSu0e5Vodz

Score

7^/10

android linux

Malware Config

Targets

- Target
  
  telelatinomobile_TVNDW.apk
- Size
  
  38.1MB
- MD5
  
  0d4227a509c678e5dc3fc885c812227c
- SHA1
  
  36e1e8c5e35e9130a7e66ad869003b68417a315b
- SHA256
  
  97407f534fdc551ed2b568c7bf7b6df69c984fda5c03c518499fee4af7f6bbc2
- SHA512
  
  44cf032ad855fd1efc3af2f429babd1ab440fb565e898ad6422c26da9b5fea6b3708965f318ff81bc1f2322c18ba65ec00f444db72b16f61a109ef2fe984bc08
- SSDEEP
  
  786432:fU5xzWq3IfxsV7SzWq3IfDADCZnDGj4eAuJjgmZvjZMwonu0cdaMbDYhn0Vc5dLz:c5dn3esBen3EADCZGj4JuMwSu0e5Vodz
Score

7^/10
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
behavioral1
- Target
  
  IJMDal.Data
- Size
  
  36KB
- MD5
  
  600fe0c2fe939fc740746b89fd76a3b3
- SHA1
  
  c02a7f4953c1bc29849ff1bcf1416e412e303e7f
- SHA256
  
  d2a7d10b69236df60990c15a3b3812ba35bbdbe0bd397d2472117603c1c010f5
- SHA512
  
  10ef2249cd2fabd6c43fb75dd2891421d6000b9a814b2fa09eae986e79ca263818c6aab1242b8064a4f6110299e66ce5c9657a55c3abd2f5080ff0e9d5d65be8
- SSDEEP
  
  768:eXGMWMd3V8YxLwhdfj7p1uYanVpbxqn/JNZZ+lYGMD00p5ArodFT64:y7h35xLKdflScRNZZ+lYN5z3
Score

3^/10
behavioral2 behavioral3
- Target
  
  InteGration_4.5.6.ttf
- Size
  
  3B
- MD5
  
  ea20a043c08f5168d4409ff4144f32e2
- SHA1
  
  47ab9979443fb7ed1c193d06773333ba7876094f
- SHA256
  
  13715f6c8b48ed1b00f509ca29bc826bd04fd6f1ce8d8ebe27fb286312ce3ba1
- SHA512
  
  54f608707022db0a0901468b26edbf56d29424e11ee67762ee86c58547dc4bfe6b82d5a2d4cae03053f1fed8122bfc3d274994ec2b5e5838cd70abd2e783f3a4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral4 behavioral5
- Target
  
  af.bin
- Size
  
  16B
- MD5
  
  f46b47c070753ce74788b3e6aab9b51e
- SHA1
  
  e238dbd6d19b1b4e0313f0278aea834850defa34
- SHA256
  
  e1ca02031ff45be7314e3095c5a3e85c1370fc91b7dbf9a181d082f853507711
- SHA512
  
  67d20a325c412928c4286d6d6597a07297ce13d8897b4e77b24c0a7d73ad259630381ee9741e0cadfb4767e2d6eeba5e88367d460ccdf0bc5d0f2eca355d41d7
Score

3^/10
behavioral6 behavioral7
- Target
  
  alaunchec.dat
- Size
  
  27B
- MD5
  
  7151d99ce6f01ed43b9303aae57a7715
- SHA1
  
  1d2703400b85bd5147137274f52227cb5d466334
- SHA256
  
  5be91d0f4f8587b766ea9bfe41c2dc7db2e9442680b8c86b4163dff22b53be58
- SHA512
  
  74279573362a716ace9cf84608a0274b65becbb181fbf07e8ab43182f0314b0f6b4e9f86cd1dda94508a720833fdda95f61d0f2f43a07bb76c88e8c623dac598
Score

3^/10
behavioral8 behavioral9
- Target
  
  alauncher.dat
- Size
  
  6.3MB
- MD5
  
  3b12a3b181fada8f21fa36fe32b63485
- SHA1
  
  a5a282e66d827197effdd60b6c9e22860ade5431
- SHA256
  
  d891ded81101b30b90af47de17e1cb71faf78b3cf2d15dad24f58375affb9825
- SHA512
  
  e150bf43847a6697aa36fe7b0e24944071b7afdc91b213166e470e18899d9f3e280a93ae3603a9d9471efc5fb04241f04275062b85e23d86dbbf26335b896e72
- SSDEEP
  
  196608:OQHVY1NgCPLRskQGQoBLLLfkbQKlgT3ABz7yFdwqD1gu:Oiu1GClFQGQyMVST3AJggu
Score

3^/10
behavioral10 behavioral11
- Target
  
  bicon.dat
- Size
  
  1.3MB
- MD5
  
  dcabb43f7ad8e863d01889a467640f54
- SHA1
  
  0c96af14a96218dd4f4168bdb32c20636b0af9c9
- SHA256
  
  8d423b98d23200e98bb1a8671373d7d8b196c75af4a64fc5102aee22a01af892
- SHA512
  
  145d26731b20c82d3001936d9e6e8eefebf484478aabb51df5d1cca451e51306567424f56e6177eb83c202054eaa8da88d466792c1e26bb46ea0a10dd4a46753
- SSDEEP
  
  24576:TthufZchiYwIApEy3N2P/XipNOPNED127Evi5ayuTSvS6vDVQYCi3S0RM:DsZF7Ey3Y3XSNONER27E+vRjCNgM
Score

3^/10
behavioral12 behavioral13
- Target
  
  icon_max_data_encrypted_xxxyyy.png
- Size
  
  32B
- MD5
  
  55a54afc17eefd8eada00b801c504ce0
- SHA1
  
  31c3b35abf33d3e1c7451426493079a53213d384
- SHA256
  
  fce3b49152b491ea9aa81c3927de848d7be88c0829626fc2cefe2791e83596af
- SHA512
  
  b5d4aa75db35344c1f6cc0ecdde45d7f4a796aad37ab7f1039b952bac5cd9a3a281b6b6db541a03bd3984e6c7ed33e233b898a6222d87bddf01d410f41070f1b
Score

3^/10
behavioral14 behavioral15
- Target
  
  icon_titl_last_encrypted.png
- Size
  
  16B
- MD5
  
  605a2c53e9df9d8ba636244e07958a03
- SHA1
  
  1b497b4b5581c4fff708ed374f37b7dd83a3a15d
- SHA256
  
  cd54f829389b3a50e81e3bc136a77db40b7f3c4cf0818f0643a912f0e49a82d0
- SHA512
  
  cb46aed0752727dac2431726dfe07b80dd10711a0cff2b7193d363267606a74836d35fd9c538cd22c261551f89d0e137eaeebb59b347eee26cf299633582afc0
Score

3^/10
behavioral16 behavioral17
- Target
  
  ijiami.ajm
- Size
  
  1.9MB
- MD5
  
  e8996b43d49bcf73e4791c0850b08140
- SHA1
  
  d546f2efb9a8c7c327c5482054e0a353bbef8eed
- SHA256
  
  c62cf1b73362064efc0ee97d504f51c8c378d7a23926667cdb655d84f0a4dd96
- SHA512
  
  c82ca6fa145515e3242bc2b9d1f9dc619bdc4c91f7143bb6f79943f7f89ed4b7fae680fa4bcdb6399d045c868ee35e86bb04cb1c29b02c09a78c952bf129f70d
- SSDEEP
  
  24576:dI0ZjCCgCndgDAZE3h+Pg3/8at/yvTHGAgXR018FC/XItpAnfTDZdHVynNWVVzKy:O8jD/dCUE3h+q8aqbgB01LYKVmoVkeDF
Score

3^/10
behavioral18 behavioral19
- Target
  
  ijiami.dat
- Size
  
  6.9MB
- MD5
  
  65f0c58660e67ae9125fbabd4c355cd0
- SHA1
  
  9618b56670dfa89a348f188dd7dfda24d5314a37
- SHA256
  
  ab2575ab477df21c65333fa20ece17d60a121162ea5b21b15e69577e15d41188
- SHA512
  
  a4c87682138b95bbd2e62b48bb3e3ff555181c08bceff6d1caa480ba2be4a6de498ad314cbfbe1c80a8b7f94df59a7fedc932f8931ce31b93a757b983081714e
- SSDEEP
  
  196608:ZlMuamkN8oHSmRHE7SeWhi0nJMCzlSlI+cFLK:ZldamkWbD7khtJ3zliI+n
Score

3^/10
behavioral20 behavioral21
- Target
  
  image_icon_constructor_encrypted.png
- Size
  
  32B
- MD5
  
  a198e2710fe94373e0d690528fdd06b1
- SHA1
  
  1b457ec4bf47c399eff699e3f3866c310c24ca29
- SHA256
  
  4177126d527243d5bed5df0be87592f29b56fd170338671e571e0d2b291997ec
- SHA512
  
  852c884bf17429f52ff0ace53c41d8b8438aacee2b9f04b317af8e2746ffd9ed7c0d482a54570e53bd2ca4b5786179c15cbb4c1d4756b6cfd70573d3e5c1d459
Score

3^/10
behavioral22 behavioral23
- Target
  
  libijmDataEncryption.so
- Size
  
  559KB
- MD5
  
  db9423136ade78d1b432549eced7d96d
- SHA1
  
  5bef81691fc6442b8d6b0b00b7138342d25fe441
- SHA256
  
  d2743c6ddd526bdcf99ddd1a48a8cb1880563616ce6c6ff860b62ee55def69c9
- SHA512
  
  67abdbba27b5b8a6f9196ec3f895d6f798b8f25a3e3ab605469d30fbcc8d63dda7fb42f066421d586a7a266a20c486e26f77b5fc173cfe581a60ada86d8cbf86
- SSDEEP
  
  12288:+YD1ISgb0jgpBHOi8TcZItJRzbIFdkMtjKCLZ6nV7T:ZD1ISgbNOixitJV0FsVV
Score

1^/10
behavioral24
- Target
  
  libijmDataEncryption_x86.so
- Size
  
  446KB
- MD5
  
  72b29ca122fa57c30ff2aaf6fcaaf191
- SHA1
  
  285dca283cea43f908c6cda623d036c82dbbac25
- SHA256
  
  0e494c2a848447b9f308c89dcf1d56c85b115c189d6475fa99e4ca207e413dbb
- SHA512
  
  3b0db1ebbaeda870a8c7ba1201f140e8bb91c45068009523b1470173faca94ac60d6fb4ea895e9f04df265df8048e5e5a7d60cf52aa206e5d5269d237a1274b2
- SSDEEP
  
  12288:/k9B+zsc24LvDEFLU5K0YSJB5Mc1TMf393:/kiz/2iDe8x5p1TM9
Score

1^/10
behavioral25
- Target
  
  localinfo
- Size
  
  1KB
- MD5
  
  beca5f7171628c40760f393f59bb1f23
- SHA1
  
  7b8a5e760c353775b41021b45019131b3b0f49c8
- SHA256
  
  a9405cf97ebbf5d239306357f47dcd4f695b726a67fc79ba818fcef6e70bdd44
- SHA512
  
  0f656207c0aecd508b961fec4cc4006f14cb426521488e30ffc072a8fd4fbbc50379ffa292242300f6edaf03869fe474769709daacfc148c1723b6d2c4848a80
Score

3^/10
behavioral26 behavioral27
- Target
  
  sign_verify.png
- Size
  
  80B
- MD5
  
  964960d8d0f2c3734117392e9b53cead
- SHA1
  
  3560e60f77dde2822c0819a241784456a42e34ce
- SHA256
  
  8b8da17a789f40be7489c6c5df7c2573443fd9616a18b2b52bcde4c813eff35e
- SHA512
  
  e0033e387a9d1cd194a9590c90da0dd1412c8595e4a341c55f4e92056a098840064b33b1e1d9d8dffbb4f9934ca7799aeee216cc63fb615b83c715d01f801ab3
Score

3^/10
behavioral28 behavioral29
- Target
  
  signed.bin
- Size
  
  16B
- MD5
  
  1f9ae96b1a7bf6afaaf48b880f4268da
- SHA1
  
  9b6f4e19714d77e55522c233b6ad0786ce575518
- SHA256
  
  172ebd3404bffe075e3e2ce13d65448ef33fdeba2229e27e7973a5672b52d7f6
- SHA512
  
  c84507ce08d3d6ad6a07c2ee4b8316d4405e16ae0ec2ed7c49ff0215f250d459146ffc0eddba6603620389a3468cbc26d26f399aa4d555e8799ad280633ebfd8
Score

3^/10
behavioral30 behavioral31
- Target
  
  tiktok_data
- Size
  
  25KB
- MD5
  
  240b83ae81ebc387c619c85fa36e2baa
- SHA1
  
  d1b23317ee41f782745f8c2e7f2ebc9737441275
- SHA256
  
  25cff9977ba0c0c8be7a60aa5347774cd270e85a694e379a521298d1d9389bee
- SHA512
  
  18e069fe5ad3873937ad15d61f88f246271fe9464a8853bf36fa2a390a7bac6cc46ff4f2367ae7879013850bfc5be21febb2dd16a3b7bb57762a97c55da3af40
- SSDEEP
  
  192:cULmKaULTxcULDHULm0ULmcjULmS5ULmwULmL7ULmRULmsULm2ULm9ULmmULmZUr:9rp
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks known Qemu pipes.

Checks computer location settings

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32