General
-
Target
8a186f05007a6405f668798ab9bb6ad2271d40447ed2887e54dba0195d6e5e5c
-
Size
24.7MB
-
Sample
231220-grm12aehak
-
MD5
b63f2386952c9dd71c7ebe113f12af80
-
SHA1
c517fc17987a87c17c94cf135f43014e04f831ed
-
SHA256
8a186f05007a6405f668798ab9bb6ad2271d40447ed2887e54dba0195d6e5e5c
-
SHA512
e8b7a1841c0f67706e77556be42beaf505f000f4bce2ce05ab3d1d84c3808fcd9a36ee9413b94629dd85ebfb90ba249ad0dbe9882f162ba609de43ed1e2e18bc
-
SSDEEP
393216:YqgQ0cMLY9Qw4TkCluKlupvSMw2Y/xWYXvBehSfORi0XoROkqCeWCd:Yg3MLY9QwMkuuof2Y/Tv4DiyoRbox
Static task
static1
Behavioral task
behavioral1
Sample
8a186f05007a6405f668798ab9bb6ad2271d40447ed2887e54dba0195d6e5e5c.apk
Resource
android-x86-arm-20231215-en
Malware Config
Targets
-
-
Target
8a186f05007a6405f668798ab9bb6ad2271d40447ed2887e54dba0195d6e5e5c
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Requests cell location
Uses Android APIs to get the current cell location.
-
Checks known Qemu files.
Checks for known Qemu files that exist on Android virtual device images.
-
Checks known Qemu pipes.
Checks for known pipes used by the Android emulator to communicate with the host.
-
Acquires the wake lock
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Listens for changes in the sensor environment (might be used to detect emulation)
-