075d90a1ffdcda0f016d17a99806fb58532e770e84d9c597a15f923b2fcb670f

Sharing

Copy URL

Twitter E-mail

General

Target

23123c30a028ac4aa86448d2f76aa1a9769d9c9ae9a5a86b8d4f6dceb11362e4.apk.zip
Size

131.2MB
Sample

231007-3wpajsge3x
MD5

d2a4a229e8c002d93cd21f57511e7906
SHA1

ddd79d251cdf92e5fe973bb69e844e3f1d934969
SHA256

075d90a1ffdcda0f016d17a99806fb58532e770e84d9c597a15f923b2fcb670f
SHA512

f45b5ec8f7fd60509ed16b64994dfeabf5274b1b86b615597db1edd14e592956fd797021a6c8699bd30f2dc73bc7916809cf1151c7d2946bd0e798eb57dff0c6
SSDEEP

3145728:oAuJJTGH1mgvUDf4TiAdCCP+VwYQcnghPkZRxVAqQOImG3:ovtK1mgMMjdCCP+VGcg/Xxf

Score

8^/10

Malware Config

Targets

- Target
  
  23123c30a028ac4aa86448d2f76aa1a9769d9c9ae9a5a86b8d4f6dceb11362e4.apk
- Size
  
  181.0MB
- MD5
  
  a64fbf0a042a5c5a7edf2c97d4096fc3
- SHA1
  
  77c19c99a4d21eaa502995dfe32ca70e831fdeb9
- SHA256
  
  01a2e56fe20bbfdf57934121925797b3d33a9399d86bda90c966f6b34f55faa0
- SHA512
  
  ce70e60d54730bd24e35f9487280e5f90f08df17faca4c07296ad35bfce3588b22aa59b4636be6ede5a81c05e2b4a26a3ab9bcf0a1679a21b5841089d73f32f5
- SSDEEP
  
  3145728:hknw3UISBmYfVxgZw5xaDG+h1KozRf49oVlJkJZeMlHgR4t7tM8l:hgw7Yz7/aDGw3zGuAZ1t7t7
Score

8^/10

banker evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).
  banker
- Acquires the wake lock.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Removes a system notification.
  evasion
behavioral1
- Target
  
  AndroidRuntimePermissions.Runtime.dll
- Size
  
  9KB
- MD5
  
  a08eac5bb3ba83797f82d3862b429e30
- SHA1
  
  fb981f0259169e51ccc54e11a3d94a51d02baec7
- SHA256
  
  e100489124a2ba29df13526cd01706f5f049f48b2fa6ff726f5002b668ea4842
- SHA512
  
  600b54e6a4cfe96214b101767e3ee259a2ff1cb21b91366508f6042c8bb4da7f855c04d5df227510fd30c4d8d2b0596856ccf8c15f0957aaeaa5feef9aa4e220
- SSDEEP
  
  192:7yXoyVia0q+QB3O5NzPCEfAN3TS8rqdV9O3+rG4ry:7y4yoR0BsHAVS8rqdCOK4ry
Score

1^/10
behavioral2 behavioral3
- Target
  
  AppIconChanger.dll
- Size
  
  4KB
- MD5
  
  4790ccfa47018d5415c2da5d85fbaf23
- SHA1
  
  16b9450af78d4944c6c5e3a6d851e139211ff53c
- SHA256
  
  7a9ea4833756368155547884d11a35ecc919ae5889f212a7ae18c40b9eafa44e
- SHA512
  
  4c7250a28d5a2a3adfd9ec54d2dd0eda63ef812dec03546fa34b13187c70fa128d0b408b8453646a338e1f7abb88f99ddceb13c4c8d744eaec19f7193e1c8ca3
Score

1^/10
behavioral4 behavioral5
- Target
  
  AppsFlyer.dll
- Size
  
  36KB
- MD5
  
  4b7d787780affdc77475f9bb8e3d901f
- SHA1
  
  f08409ca5e65ba131d6c7de128e23248d20ea36a
- SHA256
  
  ce2a473baa91bada167c40b59695b29913894e3f9adc41370f4d9abcd72fcc85
- SHA512
  
  341b46b7da84ebd8bce290cfba3252aa1f7e27affed2e9bd094c07c17316ecc2261469b9cbc41a66ae1d312440655c217561e8ab73d9f16ab92f47b8da78b950
- SSDEEP
  
  768:WbmVdnjhqfYnVJG3DiLK6PrVFDFruE+IsyDhb+h0:CmDn+iV4uPJFDFR
Score

1^/10
behavioral6 behavioral7
- Target
  
  ArabicSupport.dll
- Size
  
  13KB
- MD5
  
  6cb0fbba1df139d8f836df2ddec66a8a
- SHA1
  
  ad2d7a112785726a766f09aeb646fd2c5590e7b5
- SHA256
  
  64e4226ed624172ce7654aa9ee5946d48219084bb02cbf49c5d76898409ead23
- SHA512
  
  eb95ba8266e6d10d7c1dbd314730ef89e4e1fcf719ed3c27a73ff629f81c1013bdfa47af212ec8e41deaacf565941d91dfce1af3b4a307c26982ca852b92a0ff
- SSDEEP
  
  192:+lPrXAuAQzIuiPfrEYy16gqKX+b0dWGa9sh8r65WF+bxTZ:Cr7AduurE4GGM5Ww1
Score

1^/10
behavioral8 behavioral9
- Target
  
  Assembly-CSharp-firstpass.dll
- Size
  
  386KB
- MD5
  
  7b51e1cbb2eb802e641ebf8e31d88f3c
- SHA1
  
  a13464a391a7b7e3de3af26dd6637ae286492217
- SHA256
  
  19cfcd6cb6cc0872637d71624b0c4e41fecb729a30eea642336ac1603a9d841e
- SHA512
  
  b01cd2194ff7c311c7bc8e94f089aaa9b9256e27d5440849aedcd31ad38dfaf92daad895386bb02ba705cc301e38d3ea4d14b1e1e3963abcaa2805bac0a0ed7c
- SSDEEP
  
  12288:pyIJXfi2CcU3OXnPYRLOA6lCfBfHJONzS82bLfovaU:py4hpwKnUORS82bT
Score

1^/10
behavioral10 behavioral11
- Target
  
  Assembly-CSharp.dll
- Size
  
  3.5MB
- MD5
  
  268746b24f0d98fc02679766d7eb261b
- SHA1
  
  4d8466da84b01528c56665d1003ef8f6a1bdb4f2
- SHA256
  
  b893b05fb9c1f71bf58866a820c0d4bf91b1228af3092a39e9576de8bc4bab8f
- SHA512
  
  4161cf9527abbeae5af92f248e0ea51d9026a507d6e3f983d80ca3eb30c8ef3c071314107a4e8b3d6f4618ac47f28e57adc261575b1c053e09bdd095b03e4710
- SSDEEP
  
  49152:B+0+Kqv9p4tlbT9Q/yUiVCS7kdl/kbMvAfBQlQkFx0uopGntce6axYeRxY/Fnj:B+0+K+j4ZQ/yU73Jj
Score

1^/10
behavioral12 behavioral13
- Target
  
  Bugsnag.dll
- Size
  
  8KB
- MD5
  
  07e55ee67f448692f7cf3508142ae72a
- SHA1
  
  974f4776b261886bc9503006f15bec5a1758f956
- SHA256
  
  cf28b793be527fdaa2981ed064cd3c6acc005e0bb4a3e9322b9d61b5d660484a
- SHA512
  
  bdf02eec62483afb865024f2c6e13c051b55fe53237d27969dd40a692cafb1c188a6c40e950d868ff77fc743f1c17615225cd3ae96f1a50db54bd6fcd82208bb
- SSDEEP
  
  96:Sn9pB6RnEWD55jEYG173dOUvpnYG5o5F30RfCY2jJ5jQlbKFFdjwN18x:wpIEWD551G1E0f4d0l6j7jQl0XsNI
Score

1^/10
behavioral14 behavioral15
- Target
  
  BugsnagUnity.Android.dll
- Size
  
  148KB
- MD5
  
  4609f12003acee84f1d4ae82fee54521
- SHA1
  
  6053b9afc039c226c99e4e5377ba7a0dca2edf48
- SHA256
  
  462d1324ba1b211090d9d2baf08675df7d3bee703f65e0e4d4f7a9317a1a4f54
- SHA512
  
  507d7879dcde401c326cb5aff0854280ad41b19b00e782b20ba670c985790855e8aa4d65ff189a6221fe7ca8ea66c55f96ada04149cfbb705e85398071e72cdb
- SSDEEP
  
  3072:zR6z2Q9Dovbh0ViR0YQn64pVn8UbXRgx:rUEveViG4Yn
Score

1^/10
behavioral16 behavioral17
- Target
  
  Castle.Core.dll
- Size
  
  432KB
- MD5
  
  5fd9509e23271b37ed2ff8b8c8871e9b
- SHA1
  
  67e3d1afd27fb570938fdd922f86b48137c81c3a
- SHA256
  
  9b555bc6f25753f1de58bd5a12c26d21a034914d9b8d56aee7c4fdb6365f11d2
- SHA512
  
  ea81645c5699ed83aeb137296dd9ec2a432d24ddc55193e930ed8c4b55663052d45cff01346ec19881ef7096bd73f68d429407570a82e767213c73c2b7664e41
- SSDEEP
  
  6144:9qS7E6tO0vCqltN6Z1G+9FkdbAnGTZEg8UJrF6YdUb9iNDCqRBHpZTdj7dH7+:rEz0vmFkBAcHT6YdmkCqRBHpTZH7+
Score

1^/10
behavioral18 behavioral19
- Target
  
  DOTween.Modules.dll
- Size
  
  43KB
- MD5
  
  66f3838fdd161796d50aa3b0cc38e879
- SHA1
  
  820759ebcfdb494bb095f43559c539a2ac6476aa
- SHA256
  
  0e22d48332381d2513e0f12976eddd218c44a5de81ba8f148e3b2b29a4985f79
- SHA512
  
  6e39fab4a8f9b38257d4230a81d4bf09bc3d0fc8700efc7491db4990b6f220018cf7900f088424cb7366f5ad96333d2a71ce83e698fce71c58dc8a92317a2677
- SSDEEP
  
  768:32KFTysL4GZEXV25x0MVDQBRBXgKoMR+mAAlraJhX8i8rhT:32KJysL4jMVY/XgQsmAAlr0H8rh
Score

1^/10
behavioral20 behavioral21
- Target
  
  DOTween.dll
- Size
  
  158KB
- MD5
  
  b0c92c3bbe4adc4881598bd16c5c0202
- SHA1
  
  1389b9c2c30a4cf013e3109a670af53f1b292dd3
- SHA256
  
  48ea88b9fc7d95fc04ae333e7df4fdeed865ec39629382e5524f5cdc32e7dd4e
- SHA512
  
  445d4896ab729777c0f32dc37ff67991b8847bbab36b849fdc8146ec883b050791f076dbd0dea55215901d9c2c876b8bcef269f087d9a15de70bf2ea8ff5054c
- SSDEEP
  
  3072:wmJuRf6eC3QaWnGpRXrfVvLyNXfFoldyFi:wJRfdLno5DVvLndE
Score

1^/10
behavioral22 behavioral23
- Target
  
  Facebook.Unity.Android.dll
- Size
  
  4KB
- MD5
  
  662fff442d813495c7294ca802dad81d
- SHA1
  
  775f9e6e0893ef62c473294d4621bee3bca83fca
- SHA256
  
  cd75eda7b5dda263facabb62f65f378aeca49848b7bd34f5efb359ffacccee3a
- SHA512
  
  b020d3c7e113bf2738b089364939a96d51f4d4f6ecf3bdfb513cac5205253d43c45de203a1b77308a540cb2b20515660aa61b5d38e7ffae48c9c673532e3fb94
Score

1^/10
behavioral24 behavioral25
- Target
  
  Facebook.Unity.Settings.dll
- Size
  
  9KB
- MD5
  
  4276dceb6dac16e46423b01a6fe1d9d9
- SHA1
  
  a829600637a6bd9259a6d532eb8361713a947be2
- SHA256
  
  0a1b5f4838008daa13e8e00d03add310eb2088afd09afdbe53a32295cc6bf686
- SHA512
  
  a35e10bd1e3bb4bac42b1af3a652d4d828ae399949e3c64be85582b4642b01aa1e0223efd63860a6fbad0aaf3e8b15cf564aa2355c61aa55d4e7c3b71d0c71e3
- SSDEEP
  
  192:m+AgyJz8L7mSIY4DdeB2SiF0VViyUlQCtviFo6S9DcDR+:m+pE030eCBiFoA+
Score

1^/10
behavioral26 behavioral27
- Target
  
  Facebook.Unity.dll
- Size
  
  156KB
- MD5
  
  f9c91a921b4f11f771241e57a03a0c62
- SHA1
  
  a98d3daa11336faf3bc4181f27e2e8ba94eba01c
- SHA256
  
  ed509ef0dd887e6b60b065ba3f9156992a5194014099e1cfd195d1cd0e9132c7
- SHA512
  
  ed40969a9007eb3f4d68f6d0a63442fea08345b1d017c79dd5dfdaa7d54bb572a5346e23af13e236e1ed7f5b9b8fb19822947ca0336ab74837e00949c60ca5aa
- SSDEEP
  
  3072:GbKAbdwsYTTRq+REYAcSvWj00n+1MQMx17zHAREkaNIKHFHMIsc:dAbasD/Sdn++bSEkaNI
Score

1^/10
behavioral28 behavioral29
- Target
  
  Firebase.Analytics.dll
- Size
  
  40KB
- MD5
  
  e665bc929fe1728fe4238b53102e0c66
- SHA1
  
  dcb971b7748c91fcdd0b99abd89dec48e04f1dc2
- SHA256
  
  1de40fd8947b24df53196498651017eb091fb989df444a73e592cc288290c772
- SHA512
  
  61b7089e572720e962af0618b24089b01e74d6a3cc552256d9cf67ab2d824046154474c6603ca70fa982239c16af31ccaca66410e26789353d7f98f75ac7ac4d
- SSDEEP
  
  768:NtmMJUdwcFayw4cl/KslvKVQ/Ez2+EPuBzPcY:NEMSdzFaZ/Ez2+EPQcY
Score

1^/10
behavioral30 behavioral31
- Target
  
  Firebase.App.dll
- Size
  
  87KB
- MD5
  
  eda57ce86c018b7ec757ce925387a54e
- SHA1
  
  8cfa2b8b97b86b105f99ac3d6583d0a995845ba6
- SHA256
  
  5966a1c2664b3dbcd2de1b8acbfe48170df353d6344a5441fc37d12784fdf103
- SHA512
  
  90f4497959e2fad4ec9b770031dae2f18d2cbfc4afcfb64bd2e3d490cdb426af757e179ff5ff391cc307479040853e9de80713c9ad12d1d10a7bc3a005eec822
- SSDEEP
  
  1536:y/4tHJMGv/PikqCwitgddVeNzxjbPkcN4u5:y/4dJMGnKkJt+ebPkc2u5
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps).

Acquires the wake lock.

Loads dropped Dex/Jar

Removes a system notification.

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32