70dd7c6a24be82faf904ea7d970166e3933ee7501842c22b1376bf7b269fb4f9

Sharing

Copy URL Twitter E-mail

General

Target

fc35e8269ae8dcb9dd1debd2086e5a0acfb41b4b00a8da388aceae9a288c0657.apk.zip
Size

107.9MB
Sample

231007-3jmaesae38
MD5

ec027b620b4c957e02545df4e49ed20a
SHA1

ebba16d255188563d59bbc9154a5e6152bd7c296
SHA256

70dd7c6a24be82faf904ea7d970166e3933ee7501842c22b1376bf7b269fb4f9
SHA512

8ca74b07865d8be75ecfbc1a054ce3669f4b7a7bfcfa3301d9e0dae8baeb984e9f69c8c22f3c83e3a0d9a84bc809b43ac01a5ccc6b360ff03684e7e692b25f70
SSDEEP

3145728:0rRHCwg4WtyK1oFJkMShkaOhQI89kCl0VZ:6tnKeFunhkpSI89kCl0

Score

8^/10

Malware Config

Targets

- Target
  
  fc35e8269ae8dcb9dd1debd2086e5a0acfb41b4b00a8da388aceae9a288c0657.apk
- Size
  
  116.5MB
- MD5
  
  04e6631ba36a5913ef14c3b4efba544a
- SHA1
  
  7c0fd40c423a42fa6c87204cc07eab4e1c6e75e5
- SHA256
  
  2d610ebb7066bfd035a905d18e4d103ab79f1d3bd39b73e1944bdb19c4dda3e7
- SHA512
  
  2100297854bbd749247073cf1ccdbc87eea2069def7d9523f4eb55c2fd20cb2d52c5b3a2a5de39bafeac14bb08f383e5ea43f4d379486c769cb2bc16757e8a43
- SSDEEP
  
  3145728:N3OnvqFNBUiwmqVYV46gB3ECMF6mcEDvRf49oVlJkJZeMlHy:NKm7URZVME3ECrFEjGuAZw
Score

8^/10

banker evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1
- Target
  
  AndroidRuntimePermissions.Runtime.dll
- Size
  
  9KB
- MD5
  
  83d09d2abb4c13a6ebdd655eb55417bb
- SHA1
  
  e963fd80ad1f9d451036086463718a0bfd16aaee
- SHA256
  
  145a90be68e57c1b7f836a16926c8600a72356acc6741747bebc3f3da65053eb
- SHA512
  
  95a185bae35488cebdfe7ca2f2df0f7c84417998f1da9882ea0762e2744b0c46cdf1c485b0804633934f33f7908bca6011ae6c72dc3820cf423dd88646fc4296
- SSDEEP
  
  192:nyXoyVia0q+QB3O5NzPCEfAN3TS8rqdV963+rGBry:ny4yoR0BsHAVS8rqdGOKBry
Score

1^/10
behavioral2 behavioral3
- Target
  
  AppIconChanger.dll
- Size
  
  4KB
- MD5
  
  6828e8b004e6c42be04968254c5a909f
- SHA1
  
  6dcdcbddee33825bb8f080a449830a1381026398
- SHA256
  
  f025ec1b85a3f880a0092b77dd7b88309a62386e4ac609a5b6b117da1e114d0f
- SHA512
  
  62a960c21f767ae486e4ac9f540dab77e8bdfae506bb532a81a320d1626ec7b9dc6ef74e1244f3d39293c6815e7633637ee6d3ad3854e9099e656d528cd1d420
Score

1^/10
behavioral4 behavioral5
- Target
  
  AppsFlyer.dll
- Size
  
  36KB
- MD5
  
  5004f6cce3e03ad30202fa510bddd5c2
- SHA1
  
  a17b0e60adba1bf16dd47b62d30ad340d7b2fe6b
- SHA256
  
  480ac1d44f349ea30f5b360807d3415ea6ae4a545678935e5cb72161f4717a43
- SHA512
  
  93910e8f66c566ecc38790ccf53d7c9a43040c03e1eaf48791769bc1a3735a8a2852c82df8917557021040d73cd8564abab097e8c58431ac4f99302c6167a8e5
- SSDEEP
  
  768:SbmVdnjhqfYnVJG3DiLK6PrVFDFruE+IsyDhhh9:WmDn+iV4uPJFDH
Score

1^/10
behavioral6 behavioral7
- Target
  
  ArabicSupport.dll
- Size
  
  13KB
- MD5
  
  6cb0fbba1df139d8f836df2ddec66a8a
- SHA1
  
  ad2d7a112785726a766f09aeb646fd2c5590e7b5
- SHA256
  
  64e4226ed624172ce7654aa9ee5946d48219084bb02cbf49c5d76898409ead23
- SHA512
  
  eb95ba8266e6d10d7c1dbd314730ef89e4e1fcf719ed3c27a73ff629f81c1013bdfa47af212ec8e41deaacf565941d91dfce1af3b4a307c26982ca852b92a0ff
- SSDEEP
  
  192:+lPrXAuAQzIuiPfrEYy16gqKX+b0dWGa9sh8r65WF+bxTZ:Cr7AduurE4GGM5Ww1
Score

1^/10
behavioral8 behavioral9
- Target
  
  Assembly-CSharp-firstpass.dll
- Size
  
  386KB
- MD5
  
  69a6bc07ea921379dc0c127a29b3ef55
- SHA1
  
  bd4bc798d2b41ab5820e9e65ecc6bb9e6d86bfc4
- SHA256
  
  d1e7e10572e9698341d09e43c513e225c9a5cd1cea8b3ab1d586441ef5f26bcb
- SHA512
  
  bd880b09fc23cdaae5b7208b0ace5f4476ab56dfc071c38659e0d81d2b18cf3f10f67ad47a2eacfad2e31d60a827ee945ecefae24dee84fc98e1be6010944733
- SSDEEP
  
  12288:6yIJXfi2CcU3OXnPYRLOA6lCfBfHJONzS82bBfov9U:6y4hpwKnUORS82bd
Score

1^/10
behavioral10 behavioral11
- Target
  
  Assembly-CSharp.dll
- Size
  
  3.5MB
- MD5
  
  cb3dc275ec04b3c0a078ca07a5ac7ba9
- SHA1
  
  9703e257f68bdb6a6311f9e8eb92e165ca1e01b5
- SHA256
  
  6e85c3f109462c6944213f5ee69e36a3599ac49b3c60735155579416de34057e
- SHA512
  
  11d1b8a991560c55c0c83bf74bf92d227a5cc116b9ca820c3ac6dbd6bd26238c19a1abd9b53b06b5707395a96ab27a711a43d848857a49b69cd0e7640ed7bb1b
- SSDEEP
  
  49152:c+BSsUgomr7iw+HE9rqEqSCEAtNPQ8RiTg+2krCUAwSJMv0f5Om2k3xaPopGssDM:c+BSsLN+HE9rqEqSCEeQ8RiTvug7
Score

1^/10
behavioral12 behavioral13
- Target
  
  Bugsnag.dll
- Size
  
  8KB
- MD5
  
  9f9f9c115902795304f8bd54a699da4d
- SHA1
  
  eb5cb6dc0a6b639979d8aa86beb1a338a1620551
- SHA256
  
  49e46ebff3ca633d7d74612e8f0d1aa8c06b346a7615607b8c2b22f80b8eb30b
- SHA512
  
  5099219f702169b132bd30bb2c66d35f9aa631933d5398583dd360931c201d94f2eb1f6ec060158cd1d96dafc44216500d481ac48eeeddd2ca50c12969e72b6e
- SSDEEP
  
  96:ln9pB6RnEWD55jEYG173dOUvpnYG5o5F30RfCY2jJ5jQlbKFUldjwa8x:PpIEWD551G1E0f4d0l6j7jQl0U3sb
Score

1^/10
behavioral14 behavioral15
- Target
  
  BugsnagUnity.Android.dll
- Size
  
  148KB
- MD5
  
  4609f12003acee84f1d4ae82fee54521
- SHA1
  
  6053b9afc039c226c99e4e5377ba7a0dca2edf48
- SHA256
  
  462d1324ba1b211090d9d2baf08675df7d3bee703f65e0e4d4f7a9317a1a4f54
- SHA512
  
  507d7879dcde401c326cb5aff0854280ad41b19b00e782b20ba670c985790855e8aa4d65ff189a6221fe7ca8ea66c55f96ada04149cfbb705e85398071e72cdb
- SSDEEP
  
  3072:zR6z2Q9Dovbh0ViR0YQn64pVn8UbXRgx:rUEveViG4Yn
Score

1^/10
behavioral16 behavioral17
- Target
  
  Castle.Core.dll
- Size
  
  432KB
- MD5
  
  5fd9509e23271b37ed2ff8b8c8871e9b
- SHA1
  
  67e3d1afd27fb570938fdd922f86b48137c81c3a
- SHA256
  
  9b555bc6f25753f1de58bd5a12c26d21a034914d9b8d56aee7c4fdb6365f11d2
- SHA512
  
  ea81645c5699ed83aeb137296dd9ec2a432d24ddc55193e930ed8c4b55663052d45cff01346ec19881ef7096bd73f68d429407570a82e767213c73c2b7664e41
- SSDEEP
  
  6144:9qS7E6tO0vCqltN6Z1G+9FkdbAnGTZEg8UJrF6YdUb9iNDCqRBHpZTdj7dH7+:rEz0vmFkBAcHT6YdmkCqRBHpTZH7+
Score

1^/10
behavioral18 behavioral19
- Target
  
  DOTween.Modules.dll
- Size
  
  43KB
- MD5
  
  f7de5f7d48995c295d328a7089ddcbad
- SHA1
  
  9d750425db800471ad4adf2ebf96f8044f9fd019
- SHA256
  
  983f5be52724d97528e9c919bba52da226fdb640d57be8359f5c42a336a29e52
- SHA512
  
  2d84950e213670eb1f448d65b5d790f039dd1ad5381d19ec390c89c32a582bdc43917f0d557a5c65225345e04af1627ba300644d71a0fe308a5314cc9e40fa90
- SSDEEP
  
  768:72KFTysL4GZEXV25x0MVDQBRBXgKoMR+mAAlraJhX8ikrhT:72KJysL4jMVY/XgQsmAAlr0Hkr9
Score

1^/10
behavioral20 behavioral21
- Target
  
  DOTween.dll
- Size
  
  158KB
- MD5
  
  b0c92c3bbe4adc4881598bd16c5c0202
- SHA1
  
  1389b9c2c30a4cf013e3109a670af53f1b292dd3
- SHA256
  
  48ea88b9fc7d95fc04ae333e7df4fdeed865ec39629382e5524f5cdc32e7dd4e
- SHA512
  
  445d4896ab729777c0f32dc37ff67991b8847bbab36b849fdc8146ec883b050791f076dbd0dea55215901d9c2c876b8bcef269f087d9a15de70bf2ea8ff5054c
- SSDEEP
  
  3072:wmJuRf6eC3QaWnGpRXrfVvLyNXfFoldyFi:wJRfdLno5DVvLndE
Score

1^/10
behavioral22 behavioral23
- Target
  
  Facebook.Unity.Android.dll
- Size
  
  4KB
- MD5
  
  662fff442d813495c7294ca802dad81d
- SHA1
  
  775f9e6e0893ef62c473294d4621bee3bca83fca
- SHA256
  
  cd75eda7b5dda263facabb62f65f378aeca49848b7bd34f5efb359ffacccee3a
- SHA512
  
  b020d3c7e113bf2738b089364939a96d51f4d4f6ecf3bdfb513cac5205253d43c45de203a1b77308a540cb2b20515660aa61b5d38e7ffae48c9c673532e3fb94
Score

1^/10
behavioral24 behavioral25
- Target
  
  Facebook.Unity.Settings.dll
- Size
  
  9KB
- MD5
  
  4276dceb6dac16e46423b01a6fe1d9d9
- SHA1
  
  a829600637a6bd9259a6d532eb8361713a947be2
- SHA256
  
  0a1b5f4838008daa13e8e00d03add310eb2088afd09afdbe53a32295cc6bf686
- SHA512
  
  a35e10bd1e3bb4bac42b1af3a652d4d828ae399949e3c64be85582b4642b01aa1e0223efd63860a6fbad0aaf3e8b15cf564aa2355c61aa55d4e7c3b71d0c71e3
- SSDEEP
  
  192:m+AgyJz8L7mSIY4DdeB2SiF0VViyUlQCtviFo6S9DcDR+:m+pE030eCBiFoA+
Score

1^/10
behavioral26 behavioral27
- Target
  
  Facebook.Unity.dll
- Size
  
  156KB
- MD5
  
  f9c91a921b4f11f771241e57a03a0c62
- SHA1
  
  a98d3daa11336faf3bc4181f27e2e8ba94eba01c
- SHA256
  
  ed509ef0dd887e6b60b065ba3f9156992a5194014099e1cfd195d1cd0e9132c7
- SHA512
  
  ed40969a9007eb3f4d68f6d0a63442fea08345b1d017c79dd5dfdaa7d54bb572a5346e23af13e236e1ed7f5b9b8fb19822947ca0336ab74837e00949c60ca5aa
- SSDEEP
  
  3072:GbKAbdwsYTTRq+REYAcSvWj00n+1MQMx17zHAREkaNIKHFHMIsc:dAbasD/Sdn++bSEkaNI
Score

1^/10
behavioral28 behavioral29
- Target
  
  Firebase.Analytics.dll
- Size
  
  40KB
- MD5
  
  e665bc929fe1728fe4238b53102e0c66
- SHA1
  
  dcb971b7748c91fcdd0b99abd89dec48e04f1dc2
- SHA256
  
  1de40fd8947b24df53196498651017eb091fb989df444a73e592cc288290c772
- SHA512
  
  61b7089e572720e962af0618b24089b01e74d6a3cc552256d9cf67ab2d824046154474c6603ca70fa982239c16af31ccaca66410e26789353d7f98f75ac7ac4d
- SSDEEP
  
  768:NtmMJUdwcFayw4cl/KslvKVQ/Ez2+EPuBzPcY:NEMSdzFaZ/Ez2+EPQcY
Score

1^/10
behavioral30 behavioral31
- Target
  
  Firebase.App.dll
- Size
  
  87KB
- MD5
  
  eda57ce86c018b7ec757ce925387a54e
- SHA1
  
  8cfa2b8b97b86b105f99ac3d6583d0a995845ba6
- SHA256
  
  5966a1c2664b3dbcd2de1b8acbfe48170df353d6344a5441fc37d12784fdf103
- SHA512
  
  90f4497959e2fad4ec9b770031dae2f18d2cbfc4afcfb64bd2e3d490cdb426af757e179ff5ff391cc307479040853e9de80713c9ad12d1d10a7bc3a005eec822
- SSDEEP
  
  1536:y/4tHJMGv/PikqCwitgddVeNzxjbPkcN4u5:y/4dJMGnKkJt+ebPkc2u5
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

Acquires the wake lock.

Loads dropped Dex/Jar

Removes a system notification.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32