Overview

overview

10

Static

static

10

WH_Final5065.apk

android-10-x64

8

Analysis

  • max time kernel
    1150371s
  • max time network
    69s
  • platform
    android_x64
  • resource
    android-x64-20230831-en
  • resource tags

    androidarch:x64arch:x86image:android-x64-20230831-enlocale:en-usos:android-10-x64system
  • submitted
    18-10-2023 20:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WH_Final5065.apk

  • Size

    181KB

  • MD5

    45990bb5b26babf7fd4b7ced49217320

  • SHA1

    fbfba7b69e56db6a3f60f6f0b588789ddadc4f11

  • SHA256

    95cf1b24172243a1813498b865f0c15ea161500bb3f2f79d3d6ff4ff3ca318a5

  • SHA512

    f3421cb0558258b63e442d8c0ec0b65671eeb3459e0c2b346bbf67bf4598fbf9f5d8f4443abfe47d371bf90bcafe72a1bc85c44c9704c0079230ae695da1c5c8

  • SSDEEP

    3072:Q/YaYgr/TuZCkzYl+0RCm0puu7XFS4iE3vMPoonx85TKP8hBsHYa5raEnTdy:QLzr0RzETRCJBS4iEEnCVRs4aVrTg

Score
8/10
evasionstealthtrojan

Malware Config

Signatures

  • Makes use of the framework's Accessibility service. 2 IoCs
  • Removes its main activity from the application launcher 1 IoCs
    stealthtrojan
  • Acquires the wake lock. 1 IoCs
  • Reads information about phone network operator.
  • Listens for changes in the sensor environment (might be used to detect emulation). 1 IoCs
    evasion

Processes

  • wocwvy.czyxoxmbauu.slsa
    1⤵
    • Makes use of the framework's Accessibility service.
    • Removes its main activity from the application launcher
    • Acquires the wake lock.
    • Listens for changes in the sensor environment (might be used to detect emulation).
    PID:4862

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads