furball | a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943 | Triage

Sharing

General

Target

a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943
Size

6.9MB
Sample

231220-mvn1dseeg2
MD5

21f326eef6fda2c5d544c2b5e6d21f34
SHA1

c6d5a6a665ebaa80d1174ca3850f7af509bd027b
SHA256

a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943
SHA512

c298b6a8979eb8385f8e79f8349851fd0cec1570348537dfe46d98366781043df9a80b9e82ad9f0ddfa89d6b18e767534ab09cd3a6c48c5190a64a39c8ed4da8
SSDEEP

196608:IEIxhWPUkMgyy39KP6NKP2DlBhTtfEEgpBSQi63kV:ECtMC9wAKP2BBhTtcE8BiIkV

Score

10^/10

furball android evasion

Malware Config

Extracted

Family

furball

C2

http://www.firmwaresystemupdate.com/mmh

Targets

- Target
  
  a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943
- Size
  
  6.9MB
- MD5
  
  21f326eef6fda2c5d544c2b5e6d21f34
- SHA1
  
  c6d5a6a665ebaa80d1174ca3850f7af509bd027b
- SHA256
  
  a5b5f6027b463d82fded3c38153086d5accc466df33123070ea541e62124b943
- SHA512
  
  c298b6a8979eb8385f8e79f8349851fd0cec1570348537dfe46d98366781043df9a80b9e82ad9f0ddfa89d6b18e767534ab09cd3a6c48c5190a64a39c8ed4da8
- SSDEEP
  
  196608:IEIxhWPUkMgyy39KP6NKP2DlBhTtfEEgpBSQi63kV:ECtMC9wAKP2BBhTtcE8BiIkV
Score

7^/10

evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Acquires the wake lock
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3