General

  • Target

    21ae4d3526b193e58a351c45e04ebec13f4da67d95af87e1698ecd200765a16f

  • Size

    15.0MB

  • Sample

    231223-qtwwdseca3

  • MD5

    0197841dd0ee6ef79e23dd4e328d5297

  • SHA1

    25b1950de4b4d89feebd6a70f54756ee7071b8ce

  • SHA256

    21ae4d3526b193e58a351c45e04ebec13f4da67d95af87e1698ecd200765a16f

  • SHA512

    dcd04613493904638c4de151e6f2d899b2fd8f3511dda06d8c6015670b0d7031a16cfee67f861ebb2ca7949a62c156a2e79ddfdeca70b3e361120d0846f74402

  • SSDEEP

    393216:2j8p1rZ+3n6dVmT+sDhU/IL2k0E3+ApBaN7FjQRdIuqjU:2j8p1l+3O0PV4E3+aqxjMiY

Score
8/10

Malware Config

Targets

    • Target

      21ae4d3526b193e58a351c45e04ebec13f4da67d95af87e1698ecd200765a16f

    • Size

      15.0MB

    • MD5

      0197841dd0ee6ef79e23dd4e328d5297

    • SHA1

      25b1950de4b4d89feebd6a70f54756ee7071b8ce

    • SHA256

      21ae4d3526b193e58a351c45e04ebec13f4da67d95af87e1698ecd200765a16f

    • SHA512

      dcd04613493904638c4de151e6f2d899b2fd8f3511dda06d8c6015670b0d7031a16cfee67f861ebb2ca7949a62c156a2e79ddfdeca70b3e361120d0846f74402

    • SSDEEP

      393216:2j8p1rZ+3n6dVmT+sDhU/IL2k0E3+ApBaN7FjQRdIuqjU:2j8p1l+3O0PV4E3+aqxjMiY

    Score
    1/10

    • Target

      YQrgDAsDehESdHIdUFKef

    • Size

      5.1MB

    • MD5

      f48caeca70cf661e10b1672bdae4884d

    • SHA1

      4f502677f81b10465845d87422d40ecb5fab6127

    • SHA256

      dab392c82e0831d63ac1a529cfcc08079d397cc751b1cb8f0cb8467dcef52408

    • SHA512

      a7f31abd6cc411aafaa76c8baad0df16f609d12fff7a1d530d38712133241fdece755f7ba758e6b6135ea0dd8386cf6d83a96a27c4c221056b0aed8cc1a364ab

    • SSDEEP

      98304:C1EvG643no3EZ2Na9sdKrd2OXurTsBE5SCOEdiyc2v3CanDTvClrZt8emPeofC:hvG643no3EfudAd2OXu/sBEbdix2vSOU

    Score
    8/10

    • Requests cell location

      Uses Android APIs to get the current cell location.

    • Checks known Qemu files

      Checks for known Qemu files that exist on Android virtual device images.

    • Checks known Qemu pipes

      Checks for known pipes used by the Android emulator to communicate with the host.

    • Loads dropped Dex/Jar

      Runs an executable file dropped to the device during analysis.

    • Queries the unique device ID (IMEI, MEID, IMSI)

    • Reads information about the phone network operator

    • Listens for changes in the sensor environment (might be used to detect emulation)

    • Target

      gdtadv2.jar

    • Size

      622KB

    • MD5

      925c89def267b4f087278431a2ea1ba2

    • SHA1

      f512786fbd277978de2ddbd3855db0aa730e4305

    • SHA256

      7dedfed3255e64dea6cbe43789a32583c9e3a9214d527c8125071be4ad7c1d1d

    • SHA512

      f2b414ad33fa2f176162ec0e4e9fd1fa53233cd40395e616c52a60e5fcfb820be0d464520cb8c568c7090a3fbed4be2eb1d9999b6fa487e3de5851d6aed65dc9

    • SSDEEP

      12288:WpStF524rz2xSbYm5iXuT/w+GMeoZNsAQvoMn+f+BY8CXGec:WAtbfrzZquT/e1aWAQAM8+

    Score
    1/10
