Overview

overview

8

Static

static

6

816a4e3ce6...e7.apk

android-9-x86

8

816a4e3ce6...e7.apk

android-13-x64

8

bdxadsdk.apk

android-9-x86

bdxadsdk.apk

android-10-x64

bdxadsdk.apk

android-11-x64

gdtadv2.apk

android-9-x86

Sharing

Copy URL Twitter E-mail

General

  • Target

    816a4e3ce6215c30ccf25106f3a41967af4e420fc51a3681f77e08e895020ce7

  • Size

    21.9MB

  • Sample

    231220-d6cl3aadeq

  • MD5

    3f26ea78c9f8e6192bbf2a30864706e2

  • SHA1

    4869ed617cbda440ca9bdb32ad2ba5fbf498eb09

  • SHA256

    816a4e3ce6215c30ccf25106f3a41967af4e420fc51a3681f77e08e895020ce7

  • SHA512

    9fe17a03575637b26b22f2011eda819076250fcd52af0bb588fd46fa453be480fec0b160e26d09602a4f4093f08876d73b3a4d6b038418480e55b98751287158

  • SSDEEP

    393216:TymHKdY2knhdeeKxbFmGTgQd5xhjHJAXa+idJh9YMl6/H7tjij3aJpl9OmcKq:d6gdefr9gWHb+wb9Dlo7t8owl3

Score
8/10
androidevasion

Malware Config

Targets

    • Target

      816a4e3ce6215c30ccf25106f3a41967af4e420fc51a3681f77e08e895020ce7

    • Size

      21.9MB

    • MD5

      3f26ea78c9f8e6192bbf2a30864706e2

    • SHA1

      4869ed617cbda440ca9bdb32ad2ba5fbf498eb09

    • SHA256

      816a4e3ce6215c30ccf25106f3a41967af4e420fc51a3681f77e08e895020ce7

    • SHA512

      9fe17a03575637b26b22f2011eda819076250fcd52af0bb588fd46fa453be480fec0b160e26d09602a4f4093f08876d73b3a4d6b038418480e55b98751287158

    • SSDEEP

      393216:TymHKdY2knhdeeKxbFmGTgQd5xhjHJAXa+idJh9YMl6/H7tjij3aJpl9OmcKq:d6gdefr9gWHb+wb9Dlo7t8owl3

    Score
    8/10
    evasion

    • Requests cell location

      Uses Android APIs to to get current cell location.

    • Checks known Qemu files.

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes.

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Acquires the wake lock

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about phone network operator.

    • Listens for changes in the sensor environment (might be used to detect emulation)

      evasion
    behavioral1behavioral2

    • Target

      bdxadsdk.jar

    • Size

      266KB

    • MD5

      170ce354f12852de7852a2cd8bfd6826

    • SHA1

      6068e357aa412ab67c263f20ebfcecfa55a27151

    • SHA256

      65a60000cbfd0dd36eefae21eb736eb3bb27c3acc7f0e87368896e6d9a756322

    • SHA512

      b04399dc7b7edfba26c3d055c434a221910d9916b3caca8d1768a8ffdcef2f6ddaf4e28187f23528a9209cac133586c050806de36848b3f7345434a088155835

    • SSDEEP

      6144:Ld666666666Pm7mJpNzlVtztmWlCshtenRJdzhiOZCFYcgGGcRnaNjjUiS:B666666666Pm7EzlVJtnl5EnRJiOZ/Gl

    Score
    1/10
    behavioral3behavioral4behavioral5

    • Target

      gdtadv2.jar

    • Size

      882KB

    • MD5

      92f595ce049174214f3628887517db34

    • SHA1

      0c55f4a6845217e91f0eebd3aa7f47e9a68695f3

    • SHA256

      d3784cd3fbe8475ab8c0cce5003ff9daf0f80926a1de8d37c68eb8e7527a82ec

    • SHA512

      5944d3588d85fa6866ddc91ac1eb32dc21f796d5e0fb5fb093d9bc9c3219e54e676a8a9fa3954c4450aa50d1125fab722a859330c670838993462fe1a2fa7ea3

    • SSDEEP

      24576:eGAszN/Vs45lt1P/ZRhQ87i3eenQSs9x+S+mVIbtf:eGRSqt5/ZRLi3ev9fVIZf

    Score
    1/10
    behavioral6

MITRE ATT&CK Matrix

Tasks