Overview

overview

7

Static

static

7

com.glovie.plus.apk

android-9-x86

6

com.glovie.plus.apk

android-10-x64

7

com.glovie.plus.apk

android-11-x64

7

ad.html

windows7-x64

1

ad.html

windows10-2004-x64

1

android_bridge.js

windows7-x64

1

android_bridge.js

windows10-2004-x64

1

cid

ubuntu-18.04-amd64

dt-mraid-v...ler.js

windows7-x64

1

dt-mraid-v...ler.js

windows10-2004-x64

1

dt-omsdk-m...ker.js

windows7-x64

1

dt-omsdk-m...ker.js

windows10-2004-x64

1

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

mraid.js

windows7-x64

1

mraid.js

windows10-2004-x64

1

mraid3.js

windows7-x64

1

mraid3.js

windows10-2004-x64

1

no_sleep.js

windows7-x64

1

no_sleep.js

windows10-2004-x64

1

omid-sessi...-v1.js

windows7-x64

1

omid-sessi...-v1.js

windows10-2004-x64

1

omsdk-v1.js

windows7-x64

1

omsdk-v1.js

windows10-2004-x64

1

t-rex.html

windows7-x64

1

t-rex.html

windows10-2004-x64

1

toastify.js

windows7-x64

1

toastify.js

windows10-2004-x64

1

ui.js

windows7-x64

1

ui.js

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.85899457d67ec7a33751203ce6af4f98699d6832f0cf0264db1163c21e70b8ba.zip

  • Size

    38.0MB

  • Sample

    231116-wfxhnaec38

  • MD5

    5f609ce7020df85f0231e9862b7435fb

  • SHA1

    ab6470dbb2e400d91543a46190737e3f70e38943

  • SHA256

    85899457d67ec7a33751203ce6af4f98699d6832f0cf0264db1163c21e70b8ba

  • SHA512

    b4c9681b522a717700c7696ee9f52e9d3d20228267c60244d2fdfc18fbc32cdf9cffd59c9d4a39455644ffe9dd8e49d3ecc06d75453ad930f2996cbe6a1ed2e6

  • SSDEEP

    786432:tgEwJw2gIMe4H1l+nBZ2W8bQ1qndrZel/vUMig6DpYwiIrgr:iTgIMR6n32W8dOig6DpYwiIrm

Score
7/10
androidevasionlinux

Malware Config

Targets

    • Target

      com.glovie.plus.apk

    • Size

      17.8MB

    • MD5

      29896242635721bdaaf872238ec80502

    • SHA1

      f20b084cc26e84f969d67e02594f8f415cf16487

    • SHA256

      18b86ecb14d481c1b030c8057fbfb3f5285d50957979ec048ded4221d05f499b

    • SHA512

      fe1158e3784a60ebf73c011dd47a06bd11e66fdc29475d28e8c7f26663d0793701f6af265a7d0c5ff83234630e7288230e883d2c8f27915c64a249ae52eb05d5

    • SSDEEP

      393216:bM2zxgE4nJwqYax8IEZCMr5gR4DFMh2RCSl+hwqBZ9UW+lh:FgEwJw2gIMe4H1l+nBZ2WY

    Score
    7/10
    evasion

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Reads information about phone network operator.

    behavioral1behavioral2behavioral3

    • Target

      ad.html

    • Size

      15KB

    • MD5

      a1a74555ea0427d76695a300d84e0455

    • SHA1

      31870f362df8928edac39ce026ed59faadf662c8

    • SHA256

      b01d149dbf7b08c0774eb8877b2a3f94621cabeccfd95c4a0dc2560ed3772e11

    • SHA512

      da53acffd2fc7c8da52a555870c4580e071f4dbb3bedd37af3ffadab279c7ecc5fca6820c6a1d91ed18fec246fb8f88223770e19753e32e910793133d34a2c21

    • SSDEEP

      192:xMejgzfCtmdyPfojYA5D5zniVkG4zhxm45IqTbTD5qRSwpcPt6FLYFieRO6shWUJ:flqiO5RrD5qBpWt6FAieRahW6P

    Score
    1/10
    behavioral4behavioral5

    • Target

      android_bridge.js

    • Size

      10KB

    • MD5

      1f56dcf13905509d1b086d8e97aaf17b

    • SHA1

      62bb280dbc1feacef0eb5df4c236a13af798d0a3

    • SHA256

      e3b99bc4ee8d1e440df1d0dcb3ebb92a8e39605c44e13736ea42bc8add0094cd

    • SHA512

      cb3b95d05a1242e12a1bee902ad2e10cad4a03cca45f9c9bbe745c11cfa3f3f9b628050565a67cdae9f436ef62c2dde7b76107b4a293a2da43a320a8eba9c644

    • SSDEEP

      192:PPH5ejwzvC9WNiPfYDog5C5znil0WojBR245oWuDYTzJz:0l5i+5iEzJz

    Score
    1/10
    behavioral6behavioral7

    • Target

      cid

    • Size

      5KB

    • MD5

      cfb58d5a778a4da98783db9388bacfc5

    • SHA1

      4e826b8e65f7a81ee0c30836f132632054f338e7

    • SHA256

      64f11eb5134f29bcff547988289baff229b05faf93adac63d3a3bfe97c7f810a

    • SHA512

      1cac2288c9d222dbd195e3b929aebb887e5ff8d13c46675bcc879c762d09311b97a1e331389df520165cb994f1717ee5debf1a97a7563c474130943d5cd4267c

    • SSDEEP

      96:PWuzrX8H2mrqoAuRJff9SgbhWFllXU+9z:PlrXWRJ9Sgbh0l5

    Score
    1/10
    behavioral8

    • Target

      dt-mraid-video-controller.js

    • Size

      19KB

    • MD5

      b1fe77fe619b46ae3e167fae84bd8830

    • SHA1

      f185f3fa2b390c14df5cafa42066f77348d50ab3

    • SHA256

      25a4f95f4d060b2a57a950b2071a2934e1d32caec8f0e67d9c6ab71332cc0af1

    • SHA512

      63c05560ab097debf98c42de21664975544791ee9f227e933843c9e8cb759256c376987ced33e08a12f868064d01f7b2b42ce519db618fb5c85dce0f2ca9bfac

    • SSDEEP

      384:7eEgPcMVXh9OLjFmgeFIS3JOSMP3TKa8m9T:7biZhyF

    Score
    1/10
    behavioral10behavioral9

    • Target

      dt-omsdk-mraid-video-tracker.js

    • Size

      4KB

    • MD5

      985e868e5a88c72cac44928496dedfec

    • SHA1

      b68a8bfc75c34cf6b8bc4316f045d88c8d748e91

    • SHA256

      1e36560eda8c2d290d00266a7da4adf9f46c890969bdaac32b5ac95238392065

    • SHA512

      54b97ffb8b3c4455031fe909ce80e2601e10ce77b486c944ead8f7de8c2dcf9e888d602ff5776b625d4556e2574ea4784e07f08d75c657cb3f89f9fe6bb850da

    • SSDEEP

      96:6AwI+Rtr3nKdI+W5EJs9GrehUgdAczj0uzvOKnVNIhjnin7yIyg:6AwTX7nWT6EW9xUSAUguzvOKnVNMin7T

    Score
    1/10
    behavioral11behavioral12

    • Target

      fyb_iframe_endcard_tmpl.html

    • Size

      520B

    • MD5

      7844cba73b7b4b439b587dd501e92d82

    • SHA1

      25a452bc6886d0e05d4a73da785021fd4c477a04

    • SHA256

      e042e304cecd19bb6816de0150d3895e2717e66dda91f7e189610687c049dae6

    • SHA512

      f54c2d7c0b265aa7c6feb18b8fb6740e01c9e3aeb19bf420d39832737fa59eed8fb959c8aa8a99c0efc87ca3399a244a918f0b4e90b0ee831a87e8afefdf2711

    Score
    1/10
    behavioral13behavioral14

    • Target

      fyb_static_endcard_tmpl.html

    • Size

      3KB

    • MD5

      d18fb1787ce0e84567496b8564e452aa

    • SHA1

      007033d0824685600611af6992060577e127dd23

    • SHA256

      2ae5e0576febb1a1cd63b10bf71644f99fcfd0fe7fb1f2d19525594165294e51

    • SHA512

      ba5225a80941e3ee4ff18401b910968a6cab47634914ecb68213599b96fd4b39c8722e82bf2883faf355d9416a6f2acaa36151a5d8969079cfcd4c6795f6003b

    Score
    1/10
    behavioral15behavioral16

    • Target

      mraid.js

    • Size

      41KB

    • MD5

      69a2f53d5815a37ae6d8997a68ac5829

    • SHA1

      a13d582c071154a77802c59a56b63d9a463c0eb4

    • SHA256

      e2e2b97a190ff766838e9d3ac6b8d7c5f44bbc05bb74cd658f4c9e21c8e99b3e

    • SHA512

      0997ea6b37f5e12230e0b2e6e9e3eed60b2e22421b6be4c89ca26650327a2441892130a5c2a246604e6e2d30335ad030790a3bb19552cbfbd206c16a0cd754b1

    • SSDEEP

      384:UYSdGfT2QJIGCOIyzuP2QESHmz/SXZ3hsyGENyyDXHjFeYSpyObjw7WLhdlrdT9e:hXaoyDX7S+AXEzD

    Score
    1/10
    behavioral17behavioral18

    • Target

      mraid3.js

    • Size

      33KB

    • MD5

      c366ef918a3672c904c82843401f6fb5

    • SHA1

      55e79e9f95e07f4a574634447abdb00a86e1e9c8

    • SHA256

      6ee13fd4a54b1e3fdde1a94546ea041ba351cb0a1189e22867f68938ee8d2a1b

    • SHA512

      e5de1046412478e0f9426918b880a4f6e8914360d8e53b2a9c31d5b362cf9db10af16af5c1336f4dea2c0159e0deb78c4b9eb33bca6e3f4e24a451e920696533

    • SSDEEP

      384:eqqirtUfUNi40m7HBSHC3fACmUAxUbhhMjHhhMhEFs:TqilAKHyq

    Score
    1/10
    behavioral19behavioral20

    • Target

      no_sleep.js

    • Size

      13KB

    • MD5

      7748a45cd593f33280669b29c2c8919a

    • SHA1

      e17ecf67de61920504d79194dbee5cd552a01cfd

    • SHA256

      dce4eef0b197b640ad6aaab2228ee1ee7dccf8bd6d6b5de5484dd1bd16430a78

    • SHA512

      49b3225a5994b724b16b1890e41697c71096402f48c338fe193cb538ac8f88b7d013c0b70e81786d476be3eaf3170049df1ced6cd8957098fffecf11c13b5586

    • SSDEEP

      192:nRG+Fgkw+wi+FrZJqbzr+5rA7wbUCzebIkuHeIabmEWUSiaNRGApaFnoNhCaTLIf:n/gzi+FrZJqbzrarAyUX5uHej27W

    Score
    1/10
    behavioral21behavioral22

    • Target

      omid-session-client-v1.js

    • Size

      55KB

    • MD5

      ec66bd4160d9cb6db650caf6cb69b796

    • SHA1

      8c38ea5527844653eb6014130923542b57451297

    • SHA256

      e6c434e64d8c73759b7fdc69d331e89489127bb0da59168b02e16e6c9165afb0

    • SHA512

      b8e6e93ccd9b5a275f6f35a25055513fbdd99b9ec8cd4271a7bc7f8096f13cf83ad2195e8d88af013e48133276361dd54fd4373163ab197b1b8668fad376e045

    • SSDEEP

      768:RJkFU2PZiCCZVHAzqfiTGmKHg/1wEcvA5fioZgkwqDCWBoxKmvwLqI6Jg656TT6D:4FzCZ2tTDHCFT54/dE

    Score
    1/10
    behavioral23behavioral24

    • Target

      omsdk-v1.js

    • Size

      39KB

    • MD5

      0c076a0f2d0c5c747b0d9ee1d38c001c

    • SHA1

      50fb32438421b9e1141c58c53f3241c2a63e7b3a

    • SHA256

      4a147ff2189d697a3c92ec1640c99d772fc15336f4574c0d241b43cbd093bdce

    • SHA512

      84189531dcc5e8782798f2e42bd939b6dc643c1ea52d8b1a88105e18df35e2728aee8ddbc46025d417c5bd59775dce48a1afd9bfeac5e1e8ceab9ebb6ad8d9e3

    • SSDEEP

      768:A7kZnrjMyu9btYSv7p344gf11cItGxU52w+xRyYqM8A8AwM/5QUVtPGjHAX+6bqq:A7kRr4zjp3fJxU52w+xRyYqM8A8AwM/d

    Score
    1/10
    behavioral25behavioral26

    • Target

      t-rex.html

    • Size

      80KB

    • MD5

      16911fcc170c8af1c5457940bd0bf055

    • SHA1

      eb44540186285271130b056fa6099b1988319fc4

    • SHA256

      dc72cfc1f1d2a5013bb9de34f8cacf5e26e542d7d713fcbe09b865b4aaca6ddf

    • SHA512

      131a00b7895a40ea0fb355ecc5292b3cbbcd23b45dd59b07da1b8eb86501ff0ec698ab5446687cd7ff5fba03d97b7a0b6e47196dc284a51c677cf04dbe13e393

    • SSDEEP

      1536:V5OdudTTa8udsB7g1BuqHkFT5VgYzMGgbJsMPz:Vq0y80I7OuikXm3bJsMPz

    Score
    1/10
    behavioral27behavioral28

    • Target

      toastify.js

    • Size

      5KB

    • MD5

      56e2c9cedd97f10e7e5f1cebd85d53e3

    • SHA1

      bf92cc7edd42fcfb3ffadc3a0fecdca37a7752b9

    • SHA256

      091c9a70994a2004ee02b04f111d40abe40c07b066856399f58c587042ec2990

    • SHA512

      0a531a9ef8e5f437ac484bc0e6d43ab5e9eae244dd28c8e63841a4f0e418e236fa61431390404bdc3e49f351f04a998baf4531275134493a5bc9e4b796cbc37a

    • SSDEEP

      96:TOr4NkSo+hVCsGwnVE8y2d7QC3305q5uU8:CrGPChSV33Kq5u1

    Score
    1/10
    behavioral29behavioral30

    • Target

      ui.js

    • Size

      3KB

    • MD5

      e9e4e75c635903768d870d98e4e0d1b0

    • SHA1

      e2b41a04d72339f98e575f48c90e195a181f1587

    • SHA256

      ff148bc094d48c592846ec610f1ea2eb5409d7dce7bb93753a2a29dad08847e1

    • SHA512

      12f4b213a0b2d590dd1a9c1167dc4b630bf9246da5d2e6498dbe2d2878255d05ad8b86d0ca7a5a12174ef0699063479a696e79bf1fe4b974eb3d30675e018053

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
7/10

behavioral1

evasion
Score
6/10

behavioral2

evasion
Score
7/10

behavioral3

evasion
Score
7/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10