87868e24a41338531d38fd7172973a95ce2a477200518a83b2d4190e2ee7d1be

Sharing

Copy URL

Twitter E-mail

General

Target

8ede28cee092935155eedb1e334c75ef2f7ceeaae297b6fb898f56541cc3da7a.apk.zip
Size

107.9MB
Sample

231007-3qtcbagc61
MD5

cf8cc8bf0ebc64421c112e450b90fb13
SHA1

992e4a9e5bab29476ba604330376e2d696360eb2
SHA256

87868e24a41338531d38fd7172973a95ce2a477200518a83b2d4190e2ee7d1be
SHA512

d4aadc32022390431369c7f4cbe2669852184ee4f67ed3ca07a37253119cbbce83f5e94f50989b9f77a145258618aab3cac41c2ec276352c0d69f227aa85fdfd
SSDEEP

3145728:I6XF9fwJXg8r6mt3OSd0tRrZD/duC8oEIdvxUakaf2Gk5Z:IdJXgGFOSqtRr54C9rkaFk5Z

Score

8^/10

Malware Config

Targets

- Target
  
  8ede28cee092935155eedb1e334c75ef2f7ceeaae297b6fb898f56541cc3da7a.apk
- Size
  
  116.6MB
- MD5
  
  30350fa552d6e617ffadc367804ed02a
- SHA1
  
  a35745026d5f40f35c416b1696197e71cbcf9d66
- SHA256
  
  4882d0ddb42fc737e1c96e8ce6e236d054086f6234a7befccbee9b1bbd17e06d
- SHA512
  
  e41b72148a7444f48fd3b2a41644ff6ddb106beac8ac5f46c14f61824f230193d4319ccd0e9fe3856a5e7fc989c823fade17293b2623349018d735f3e028c5d6
- SSDEEP
  
  3145728:Ux3X5tGYw+bV++zjIPOB9lFwmVq9IzRf49oVlJkJZeMlH/:UxSP+bVV9vlFwTKzGuAZp
Score

8^/10

banker evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1
- Target
  
  AndroidRuntimePermissions.Runtime.dll
- Size
  
  9KB
- MD5
  
  c39f4e541f75ed5bc435e2d483a8f255
- SHA1
  
  3acfd6e6f03b2b94f09a167299fd99ca480a9e1b
- SHA256
  
  be1815d4b599d8bb29519236b752dca7cb3ffa816059fc914ac30916ebe5a82f
- SHA512
  
  044ea032e5cd612f09be4dda543e084a29dc6504890895587ecbc5fce8671fb6b837a92da0ad934c5bbdf67719721249f1608e3a1d1dd4dde36a93c7d6a25845
- SSDEEP
  
  192:gyXoyVia0q+QB3O5NzPCEfAN3TS8rqdV9o3+rGPry:gy4yoR0BsHAVS8rqdcOKPry
Score

1^/10
behavioral2 behavioral3
- Target
  
  AppIconChanger.dll
- Size
  
  4KB
- MD5
  
  d709be5c4eff61bb745d0ec9d57bea6f
- SHA1
  
  6999b8ae4b4c38115a558315db76aab5c81f1c02
- SHA256
  
  8479c97762c95fc44bf71750907a63d98bac1cdce4bf63f164cb5f2bec929280
- SHA512
  
  f1254a1bfb5097f69fd8e540ac379ff9bf588b54a0dcb76b33d0ace3b9b440392091c8aac8cdb1160c55a2bf20292e88cc927e7c5c8c1949a667912ee485cf4e
Score

1^/10
behavioral4 behavioral5
- Target
  
  AppsFlyer.dll
- Size
  
  36KB
- MD5
  
  be196d646c34e01a41c1b30de5651fec
- SHA1
  
  0aaf9f0787322d916276de3c4aa3595fc9dccb4c
- SHA256
  
  bc0d22f7b2648afc9e8ee0c6436d0f69361da1cc3638d0b7116acb51447566cf
- SHA512
  
  06f1c28ef16643b96c2ae9a0a72f54ee146d152ef7feee55a2956bd6066183d7052804e8cff99c0ce7322d64664e8e538c2e2973bdeae1948fb06f5bfb9a2479
- SSDEEP
  
  768:8bmVdnjhqfYnVJG3DiLK6PrVFDFruE+IsyDhlhp:ImDn+iV4uPJFD7
Score

1^/10
behavioral6 behavioral7
- Target
  
  ArabicSupport.dll
- Size
  
  13KB
- MD5
  
  6cb0fbba1df139d8f836df2ddec66a8a
- SHA1
  
  ad2d7a112785726a766f09aeb646fd2c5590e7b5
- SHA256
  
  64e4226ed624172ce7654aa9ee5946d48219084bb02cbf49c5d76898409ead23
- SHA512
  
  eb95ba8266e6d10d7c1dbd314730ef89e4e1fcf719ed3c27a73ff629f81c1013bdfa47af212ec8e41deaacf565941d91dfce1af3b4a307c26982ca852b92a0ff
- SSDEEP
  
  192:+lPrXAuAQzIuiPfrEYy16gqKX+b0dWGa9sh8r65WF+bxTZ:Cr7AduurE4GGM5Ww1
Score

1^/10
behavioral8 behavioral9
- Target
  
  Assembly-CSharp-firstpass.dll
- Size
  
  386KB
- MD5
  
  313d7bd04d8ef88585cfd45267424ab2
- SHA1
  
  d3397237057d0938d252108a861ae75809de1c68
- SHA256
  
  d6a412cf0e3529c727262cc3bbae41945b300d4e04aa0d58ae0d2e7a201c3557
- SHA512
  
  c285745cda47162811a2a09a3a98e461ed509b4188a7914b4cd606c8f8c03905fbff6dcd57c664b20c3f866d82f87b7600bd4090097562d812e1ee65f6d8ebc1
- SSDEEP
  
  12288:MyIJXfi2CcU3OXnPYRLOA6lCfBfHJONzS82b9fovqU:My4hpwKnUORS82bJ
Score

1^/10
behavioral10 behavioral11
- Target
  
  Assembly-CSharp.dll
- Size
  
  3.5MB
- MD5
  
  486fa696cadb50a07a8b41baa93c80cb
- SHA1
  
  26548616b4e6fb6ac2daa923d6bfa48e2a054700
- SHA256
  
  017591ba439d2e776b957e0c4b00692b69b2db9209e1cd29bff96e5781dedf6b
- SHA512
  
  d776a45f02cea0821760021c67a8ec8cd83a428e01db82e8a58f3d82c953101072915a06438a12e537972c38813ceb999353fa3f1afadc08383a4470e43db4d3
- SSDEEP
  
  49152:FBcEO2aYeHPNLE3C/WW2v96s031ko/wS+Mvaf5O6OA3xaPopGssDe6S4vjRxL/hP:FBcEO2aYevNoyW6s03yoYe
Score

1^/10
behavioral12 behavioral13
- Target
  
  Bugsnag.dll
- Size
  
  8KB
- MD5
  
  a2c63c46d4cea2251419a62150fbc054
- SHA1
  
  df53098cf4385446b912cab9d50fa640ba0dc4d2
- SHA256
  
  f1c205a53c96ef5394a1f97f4e1ab7c10418fbdf551919e5eb0f8fa603c17ef3
- SHA512
  
  ea2bfa2920da420a2ee640f8aac20260b87cc854ce0c520eef8d89c8e4c883d2b6fef1bd8d93716a3714a358c4f213f49ae51e817de7484d078210bcb33fa901
- SSDEEP
  
  96:/n9pB6RnEWD55jEYG173dOUvpnYG5o5F30RfCY2jJ5jQlbKFOdjwq8x:VpIEWD551G1E0f4d0l6j7jQl04sL
Score

1^/10
behavioral14 behavioral15
- Target
  
  BugsnagUnity.Android.dll
- Size
  
  148KB
- MD5
  
  4609f12003acee84f1d4ae82fee54521
- SHA1
  
  6053b9afc039c226c99e4e5377ba7a0dca2edf48
- SHA256
  
  462d1324ba1b211090d9d2baf08675df7d3bee703f65e0e4d4f7a9317a1a4f54
- SHA512
  
  507d7879dcde401c326cb5aff0854280ad41b19b00e782b20ba670c985790855e8aa4d65ff189a6221fe7ca8ea66c55f96ada04149cfbb705e85398071e72cdb
- SSDEEP
  
  3072:zR6z2Q9Dovbh0ViR0YQn64pVn8UbXRgx:rUEveViG4Yn
Score

1^/10
behavioral16 behavioral17
- Target
  
  Castle.Core.dll
- Size
  
  432KB
- MD5
  
  5fd9509e23271b37ed2ff8b8c8871e9b
- SHA1
  
  67e3d1afd27fb570938fdd922f86b48137c81c3a
- SHA256
  
  9b555bc6f25753f1de58bd5a12c26d21a034914d9b8d56aee7c4fdb6365f11d2
- SHA512
  
  ea81645c5699ed83aeb137296dd9ec2a432d24ddc55193e930ed8c4b55663052d45cff01346ec19881ef7096bd73f68d429407570a82e767213c73c2b7664e41
- SSDEEP
  
  6144:9qS7E6tO0vCqltN6Z1G+9FkdbAnGTZEg8UJrF6YdUb9iNDCqRBHpZTdj7dH7+:rEz0vmFkBAcHT6YdmkCqRBHpTZH7+
Score

1^/10
behavioral18 behavioral19
- Target
  
  DOTween.Modules.dll
- Size
  
  43KB
- MD5
  
  5098dfc9808a0ab6cc6c7c9c6be0ae45
- SHA1
  
  636e5eaa2b61a2dd9b60648a3eaec109e8dd69d6
- SHA256
  
  fb613421fdd7200bba216c90e84e425762aa930b0223beaf924a274edd256a9d
- SHA512
  
  bcf53646fee187e2d294f03ecd3fd92ac6d5a9931ffeee72bf43ac5002e801c3667cb32854703c275b72010fc483d36a471ff3cbc84e0412a03f70c2d29192d2
- SSDEEP
  
  768:A2KFTysL4GZEXV25x0MVDQBRBXgKoMR+mAAlraJhX8ilrhG:A2KJysL4jMVY/XgQsmAAlr0Hlrw
Score

1^/10
behavioral20 behavioral21
- Target
  
  DOTween.dll
- Size
  
  158KB
- MD5
  
  b0c92c3bbe4adc4881598bd16c5c0202
- SHA1
  
  1389b9c2c30a4cf013e3109a670af53f1b292dd3
- SHA256
  
  48ea88b9fc7d95fc04ae333e7df4fdeed865ec39629382e5524f5cdc32e7dd4e
- SHA512
  
  445d4896ab729777c0f32dc37ff67991b8847bbab36b849fdc8146ec883b050791f076dbd0dea55215901d9c2c876b8bcef269f087d9a15de70bf2ea8ff5054c
- SSDEEP
  
  3072:wmJuRf6eC3QaWnGpRXrfVvLyNXfFoldyFi:wJRfdLno5DVvLndE
Score

1^/10
behavioral22 behavioral23
- Target
  
  Facebook.Unity.Android.dll
- Size
  
  4KB
- MD5
  
  662fff442d813495c7294ca802dad81d
- SHA1
  
  775f9e6e0893ef62c473294d4621bee3bca83fca
- SHA256
  
  cd75eda7b5dda263facabb62f65f378aeca49848b7bd34f5efb359ffacccee3a
- SHA512
  
  b020d3c7e113bf2738b089364939a96d51f4d4f6ecf3bdfb513cac5205253d43c45de203a1b77308a540cb2b20515660aa61b5d38e7ffae48c9c673532e3fb94
Score

1^/10
behavioral24 behavioral25
- Target
  
  Facebook.Unity.Settings.dll
- Size
  
  9KB
- MD5
  
  4276dceb6dac16e46423b01a6fe1d9d9
- SHA1
  
  a829600637a6bd9259a6d532eb8361713a947be2
- SHA256
  
  0a1b5f4838008daa13e8e00d03add310eb2088afd09afdbe53a32295cc6bf686
- SHA512
  
  a35e10bd1e3bb4bac42b1af3a652d4d828ae399949e3c64be85582b4642b01aa1e0223efd63860a6fbad0aaf3e8b15cf564aa2355c61aa55d4e7c3b71d0c71e3
- SSDEEP
  
  192:m+AgyJz8L7mSIY4DdeB2SiF0VViyUlQCtviFo6S9DcDR+:m+pE030eCBiFoA+
Score

1^/10
behavioral26 behavioral27
- Target
  
  Facebook.Unity.dll
- Size
  
  156KB
- MD5
  
  f9c91a921b4f11f771241e57a03a0c62
- SHA1
  
  a98d3daa11336faf3bc4181f27e2e8ba94eba01c
- SHA256
  
  ed509ef0dd887e6b60b065ba3f9156992a5194014099e1cfd195d1cd0e9132c7
- SHA512
  
  ed40969a9007eb3f4d68f6d0a63442fea08345b1d017c79dd5dfdaa7d54bb572a5346e23af13e236e1ed7f5b9b8fb19822947ca0336ab74837e00949c60ca5aa
- SSDEEP
  
  3072:GbKAbdwsYTTRq+REYAcSvWj00n+1MQMx17zHAREkaNIKHFHMIsc:dAbasD/Sdn++bSEkaNI
Score

1^/10
behavioral28 behavioral29
- Target
  
  Firebase.Analytics.dll
- Size
  
  40KB
- MD5
  
  e665bc929fe1728fe4238b53102e0c66
- SHA1
  
  dcb971b7748c91fcdd0b99abd89dec48e04f1dc2
- SHA256
  
  1de40fd8947b24df53196498651017eb091fb989df444a73e592cc288290c772
- SHA512
  
  61b7089e572720e962af0618b24089b01e74d6a3cc552256d9cf67ab2d824046154474c6603ca70fa982239c16af31ccaca66410e26789353d7f98f75ac7ac4d
- SSDEEP
  
  768:NtmMJUdwcFayw4cl/KslvKVQ/Ez2+EPuBzPcY:NEMSdzFaZ/Ez2+EPQcY
Score

1^/10
behavioral30 behavioral31
- Target
  
  Firebase.App.dll
- Size
  
  87KB
- MD5
  
  eda57ce86c018b7ec757ce925387a54e
- SHA1
  
  8cfa2b8b97b86b105f99ac3d6583d0a995845ba6
- SHA256
  
  5966a1c2664b3dbcd2de1b8acbfe48170df353d6344a5441fc37d12784fdf103
- SHA512
  
  90f4497959e2fad4ec9b770031dae2f18d2cbfc4afcfb64bd2e3d490cdb426af757e179ff5ff391cc307479040853e9de80713c9ad12d1d10a7bc3a005eec822
- SSDEEP
  
  1536:y/4tHJMGv/PikqCwitgddVeNzxjbPkcN4u5:y/4dJMGnKkJt+ebPkc2u5
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

Acquires the wake lock.

Loads dropped Dex/Jar

Removes a system notification.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32