General

  • Target

    647651802e0220355191124c039a1794.bin

  • Size

    181.4MB

  • Sample

    230922-bzkb8abe4v

  • MD5

    647651802e0220355191124c039a1794

  • SHA1

    dd30738f46a5822fbc1bd4196d04cb3af00dc67d

  • SHA256

    71047057a5292c1d4af14ab11799695de4aa18f1d9b988ed00b9d1a0a3a683da

  • SHA512

    92e8d588e29af0188ceca137084c9d62e594b20cfe93a4b39dd0f53846866307632f8fda95f3b927329a906e9946aec8a743f83cc4aba08323f3d123fa376e58

  • SSDEEP

    1572864:b2BoJr9FC9gpzTq4JHF6RYOZh1JBZmvr0rJ+rIwlehIyJP5DBP/1ingZdIoCmYDG:KBMrCgpx9F6RxJxJy/stJP9tIZ2cwGs

Targets

    • Target

      647651802e0220355191124c039a1794.bin

    • Size

      181.4MB

    • MD5

      647651802e0220355191124c039a1794

    • SHA1

      dd30738f46a5822fbc1bd4196d04cb3af00dc67d

    • SHA256

      71047057a5292c1d4af14ab11799695de4aa18f1d9b988ed00b9d1a0a3a683da

    • SHA512

      92e8d588e29af0188ceca137084c9d62e594b20cfe93a4b39dd0f53846866307632f8fda95f3b927329a906e9946aec8a743f83cc4aba08323f3d123fa376e58

    • SSDEEP

      1572864:b2BoJr9FC9gpzTq4JHF6RYOZh1JBZmvr0rJ+rIwlehIyJP5DBP/1ingZdIoCmYDG:KBMrCgpx9F6RxJxJy/stJP9tIZ2cwGs

    Score: 7/10

    • Acquires the wake lock.

    • Checks Android system properties for emulator presence.

    • Checks Qemu-related system properties.

      Checks for Android system properties related to Qemu for emulator detection.

    • Loads dropped Dex/Jar.

      Runs an executable file dropped to the device during analysis.

    • Reads information about the phone network operator.

    • Removes a system notification.

    • Uses crypto APIs (might try to encrypt user data).

    • Target

      actionsQueue.js

    • Size

      14KB

    • MD5

      82b447366ff35e410389ffafed6798de

    • SHA1

      16ab455ac17bf809fbf24f95d9c0dbe030b76f96

    • SHA256

      2e121b9f6ba6f2df32ac9481262d69c38e9b57d8a1bdeec4054247975d26f925

    • SHA512

      c2e8f3a0296b295a953624944d366c136f4de82a6c9a5b1cc4d509952b3895cc3672bbc6089b9e1d23d9b20e8012300dd2565fa102e08339726331626bcf957d

    • SSDEEP

      192:ylpi0RiSH+IGqSCz84o3SCFia31NsjIsjYxqi+MC/RSYFIF8zE4Ogtu69xIOHEMw:mNeICibDI94OnXgPKcc

    Score: 1/10
    • Target

      aps-mraid.js

    • Size

      11KB

    • MD5

      389c19f932d910dc56dd904afc637c9a

    • SHA1

      1fa7df6337eb44cbdd4e11279aa0976185a3c012

    • SHA256

      cb7d05b96bd63ed2156cad6a1696d580eaa9eb21854b70be9b0d9818591daf87

    • SHA512

      a99627c334f047c43ea6764206801d367330ea8de101c3ae8cc1be4d02ab29030832ccb776b8737c81c365876631bd0fd0fabea09b3c6b26ea4c428dca2fa66f

    • SSDEEP

      192:piC6dCpN5+RG3Ry7MtlT6u47zWtahPlwP2i5yMSyN7nwgR046w151JP:pJmCARGA7MtlTjgZlwP2i5yIEo046wJ

    Score: 1/10
    • Target

      dt-mraid-video-controller.js

    • Size

      19KB

    • MD5

      b1fe77fe619b46ae3e167fae84bd8830

    • SHA1

      f185f3fa2b390c14df5cafa42066f77348d50ab3

    • SHA256

      25a4f95f4d060b2a57a950b2071a2934e1d32caec8f0e67d9c6ab71332cc0af1

    • SHA512

      63c05560ab097debf98c42de21664975544791ee9f227e933843c9e8cb759256c376987ced33e08a12f868064d01f7b2b42ce519db618fb5c85dce0f2ca9bfac

    • SSDEEP

      384:7eEgPcMVXh9OLjFmgeFIS3JOSMP3TKa8m9T:7biZhyF

    Score: 1/10
    • Target

      dt-omsdk-mraid-video-tracker.js

    • Size

      4KB

    • MD5

      985e868e5a88c72cac44928496dedfec

    • SHA1

      b68a8bfc75c34cf6b8bc4316f045d88c8d748e91

    • SHA256

      1e36560eda8c2d290d00266a7da4adf9f46c890969bdaac32b5ac95238392065

    • SHA512

      54b97ffb8b3c4455031fe909ce80e2601e10ce77b486c944ead8f7de8c2dcf9e888d602ff5776b625d4556e2574ea4784e07f08d75c657cb3f89f9fe6bb850da

    • SSDEEP

      96:6AwI+Rtr3nKdI+W5EJs9GrehUgdAczj0uzvOKnVNIhjnin7yIyg:6AwTX7nWT6EW9xUSAUguzvOKnVNMin7T

    Score: 1/10
    • Target

      dtb-m.js

    • Size

      39KB

    • MD5

      86bac92a5901d8b063e93419775d8eec

    • SHA1

      dd9028acc20ebfdfacc6fc7588692c1a6e1f20d0

    • SHA256

      b94fad9c2b75a4339610f5f8164b14a9999b2cc74ca1cc44d263ae8b41e2ee42

    • SHA512

      adcc55a0210d7de5d6f5dbce0bbe8bad67bd07c097171acc40fa2b87d98ace45976f5c5413043722f7388a3965688436bec82b08a23ef9cb4caebd11078447c7

    • SSDEEP

      768:wm5hDgB3X78OZvpAVSZDyZgs+rACp5+lW8wZ+H+:wegRLZvpwoMgPPNp

    Score: 1/10
    • Target

      fyb_iframe_endcard_tmpl.html

    • Size

      520B

    • MD5

      7844cba73b7b4b439b587dd501e92d82

    • SHA1

      25a452bc6886d0e05d4a73da785021fd4c477a04

    • SHA256

      e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6

    • SHA512

      f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711

    Score: 1/10
    • Target

      fyb_static_endcard_tmpl.html

    • Size

      3KB

    • MD5

      d18fb1787ce0e84567496b8564e452aa

    • SHA1

      007033d0824685600611af6992060577e127dd23

    • SHA256

      2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51

    • SHA512

      ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b

    Score: 1/10
    • Target

      lottie_reward_redeemed.json

    • Size

      238KB

    • MD5

      8fe0dd82c778de6c1c526504ab4b8e82

    • SHA1

      0c1e9244f27e276442a957ecae9a0b723b7dc72a

    • SHA256

      b37d144fe8423641be09341d57d47977277974b756f666075396f883571b938c

    • SHA512

      fb4b3e9566a0ae7c85c6d80a143888a24296149c0fedf9d061c1b18054ef0e48480d8a788e801b05f61e43ef7e3f4865bf8a0f331543a70fa46514c97453468d

    • SSDEEP

      6144:30H0Q0H0c020U070y0R0F0u0u0U0l050J0J0xwgd0jRKRjRdR9RSRXRoZJxIdrq+:30H0Q0H0c020U070y0R0F0u0u0U0l05p

    Score: 1/10
    • Target

      mraid.js

    • Size

      44KB

    • MD5

      103bc103a4080ce6931336831b791364

    • SHA1

      f759cb23d330937c47c9d8af59d9c6c72b7c2d05

    • SHA256

      d42d20cc7e8a01cb50be9747bcec585654de282d9e21f340e772095cca5d07e3

    • SHA512

      f25fa39044a8b36ce695b435f2c8583d236ced2361eb0462748d7f126a8536448ca677ab92b0fdaa17527cce333b3e30ee47f8e84616dda31a4cb940c74ced7d

    • SSDEEP

      384:QNeICibDI94OnXgPKLeALdCW/yi8Ld8U7mPs:QIIrbJK4

    Score: 1/10
    • Target

      nimbus_mraid.js

    • Size

      927B

    • MD5

      7f11aa05c996eaf805c4468308f10e8a

    • SHA1

      aa114c064c72712cb2954f69e2f7aa7a5b75b429

    • SHA256

      610de4745626b0fc3f360c48eba93afa2ad2fc50de188512b0f09331358f2b3d

    • SHA512

      888327db2c312bd16a71dc44c04b1aeb22cd2b41564cde6be19c08a93a2e5b787abb1bb9f4b3e7b9a3708f161b192eb887b972b5669ff230c7596a9f7846bc01

    Score: 1/10
    • Target

      omid-session-client-v1.js

    • Size

      55KB

    • MD5

      ec66bd4160d9cb6db650caf6cb69b796

    • SHA1

      8c38ea5527844653eb6014130923542b57451297

    • SHA256

      e6c434e64d8c73759b7fdc69d331e89489127bb0da59168b02e16e6c9165afb0

    • SHA512

      b8e6e93ccd9b5a275f6f35a25055513fbdd99b9ec8cd4271a7bc7f8096f13cf83ad2195e8d88af013e48133276361dd54fd4373163ab197b1b8668fad376e045

    • SSDEEP

      768:RJkFU2PZiCCZVHAzqfiTGmKHg/1wEcvA5fioZgkwqDCWBoxKmvwLqI6Jg656TT6D:4FzCZ2tTDHCFT54/dE

    Score: 1/10
    • Target

      omsdk-v1.js

    • Size

      38KB

    • MD5

      497c3d33cc100ffe210aa776d132ed94

    • SHA1

      7815fb9cf1b97a1f2b58f9ee3664f796992bcef6

    • SHA256

      04247270adccf47bea173c0eaaf55db68352efd84208ff06c44b0161293152fb

    • SHA512

      c824b2920d3a810b702609980490f1716d99143f83692e5d79d0fce6872d2dda2d7c839cc01337c2bcab4b9875af9e726b1ad8678eb0c2739f9ac9ff81effdd3

    • SSDEEP

      768:X6kymXj28XPXwfBKn3ySNLTcC/XxUsExU58JVzdkmkWqa6W1s+Z7iUVtP9hzCsu7:X6kPXqrs3b3ExU58JVzdkmkWqa6W++ZM

    Score: 1/10
    • Target

      vpaid_html_template.html

    • Size

      16KB

    • MD5

      e276e92e96646fdac5a1988074f33954

    • SHA1

      1a7aa338deba5f148ea18666ec1ec4fbf5ea148e

    • SHA256

      4b8fd03cf268f9cd2f7432e13e8a7862760f7a6ed10bbf96dcc8232d2d382b42

    • SHA512

      8425f53afde718047c310fc74a8d3924ce47f61f33fbb99d52147364244b9252b87ce1ebaac80db9d27151d0969537737c042e0f615e354bf2edaac6b13ce065

    • SSDEEP

      192:mrLYJFkVvGFQshArPtP842+Lw1wOEeR6kad8bWXSrJEBOn8TsjNC4ck8aanlDTt2:8U42Fn9qW4+EQNuSXIlodoG

    Score: 1/10
