General
Target: 8ea8c506cd1732ba60c230b9985ec9cb2d37f487f12a6384d569b7b9df11fada
Size: 31.3MB
Sample: 231223-zmdkxabaa6
MD5: 138c861b1d352bc97f43a7b4cb886cd5
SHA1: 646e4db9fbba604c4d03da53d3c165d66f2c7152
SHA256: 8ea8c506cd1732ba60c230b9985ec9cb2d37f487f12a6384d569b7b9df11fada
SHA512: c9788a425b60a0b3064c6bcd879cb869fe105e1786b726f54aa70e0644f70b1e0b15ad2705aaced01400bbd58e78e5bad3c9f142f36bdf575f6fb0e67a820ac5
SSDEEP: 786432:+jfI1EJhMnadYVgGjPkCbNnaXsDQO1Tyfz0ecf8813W6:+AEWadYVkUaXvOJnfB1R

Static task: static1

Behavioral task: behavioral1
Sample: 8ea8c506cd1732ba60c230b9985ec9cb2d37f487f12a6384d569b7b9df11fada.apk
Resource: android-x86-arm-20231215-en

Behavioral task: behavioral2
Sample: aisdk_qtt.apk
Resource: android-x86-arm-20231215-en

Behavioral task: behavioral3
Sample: aisdk_qtt.apk
Resource: android-x64-20231215-en

Behavioral task: behavioral4
Sample: aisdk_qtt.apk
Resource: android-x64-arm64-20231215-en

Behavioral task: behavioral5
Sample: gdtadv2.apk
Resource: android-x86-arm-20231215-en

Behavioral task: behavioral6
Sample: night.apk
Resource: android-x86-arm-20231215-en

Behavioral task: behavioral7
Sample: night.apk
Resource: android-x64-20231215-en

Behavioral task: behavioral8
Sample: night.apk
Resource: android-x64-arm64-20231215-en

Malware Config

Targets

Target: 8ea8c506cd1732ba60c230b9985ec9cb2d37f487f12a6384d569b7b9df11fada
Score: 8/10
Makes use of the framework's Accessibility service: Retrieves information displayed on the phone screen using AccessibilityService.
Checks Android system properties for emulator presence.
Checks known Qemu files: Checks for known Qemu files that exist on Android virtual device images.
Checks known Qemu pipes: Checks for known pipes used by the Android emulator to communicate with the host.
Loads dropped Dex/Jar: Runs executable file dropped to the device during analysis.
Reads information about phone network operator.
Listens for changes in the sensor environment (might be used to detect emulation)

Target: aisdk_qtt.jar
Size: 820KB
MD5: aa7aa46f0cd80e489f94b8bfdb33aaaf
SHA1: df529afef261f9dea7d80557162206c86106e89e
SHA256: e0acfa01e36b962d1c1c9191557a938efdf3246f419f1eb6c9df29e0c196cc68
SHA512: f7ef44c13ef790865e58a529f573bf4290b4574a842a9ee219cae8bce3dbc5690f46e34c4172fb211291f52cb7d1efde1b24cf45702cf155a9601276486222f5
SSDEEP: 12288:WmA/F/9YtyTRLPytq8bbpbXrohN0CP1WCChQ0e39EX1xYugVYPNNvZTlRQ1CAdL:NA/JwyTJgvbBCN0Y1WCrNchg2BygK
Score: 1/10

Target: gdtadv2.jar
Size: 650KB
MD5: 5eaa0ab055f88d1710a1c680cced039d
SHA1: 3cd78c640c175d8f41c981dec45da2e0671659fa
SHA256: 629ce3d46af2e307c50aa0a8b6a4649c07f15c9bb0ab074dc9e3c42d452223c5
SHA512: fa0e514c183962c89a2f27d680768542628a031312300de7d1574490920057975f227fe9e95e2a1c3cef399f755686b40ca926a4db6e582f7c5a07277f072c13
SSDEEP: 12288:2o/eAqlTYNTbHulJeTcMZH2rNp8OwazS5skPAZl9xHlUaE3OdKFwEUSsielxE:2o/ea32e4MZH2rNpHwsbkPApp1qwNSsw
Score: 1/10

Target: night.skin
Size: 70KB
MD5: 2793cd09b43ba1a6819ed0fa01702b34
SHA1: ab91b82a49950896b959e80eb0543f794ee66a55
SHA256: 30504b9231ff7422c7dce9247d45aa78c8dda42b2a2c9cdc3905649b2e7507d4
SHA512: 007b0905733d87460a73a6c45578507709a486eb98a1fc57e604e1ef3e98fdb291ec60061efeb89fe5bd588fa097211704ea03c77422d0599d1c08703b399336
SSDEEP: 1536:y3nABj0m6fJ3h+hAd4s6zyLI7XV40BsTqqqEx+G4WUya5XMCru1/Jru:ywBj0m6m62gsC0BscE54hSC
Score: 1/10