d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32 | Triage

Submit
Reports

Overview

overview

7

Static

static

6

d0d5791e73...32.apk

android-9-x86

7

d0d5791e73...32.apk

android-13-x64

1

Sharing

Copy URL Twitter E-mail

General

Target

d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32
Size

6.0MB
Sample

231224-eyexwsaae3
MD5

55c73980dcac75a8ee734e2c38a33e2d
SHA1

0c78f292538603dbbc37d83a3d7302e9673e80ba
SHA256

d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32
SHA512

8f45435ffa6328b18442e7713168e5d858f9f4154d7b4bc650dcb7a9adf3fddc329f81331d287dc758ad18f0371e9a6c80d2d8ef164821aa43e25f4358a39667
SSDEEP

98304:jHfWADs1FCd621sRl5JLOk3OHiQYM8s9e+VXBluAoL/xOEGB+mTqW3gYGHg9TRjC:jeADsDa1qHR4lq+vu7xOP52NYIsRK7lF

Score

7^/10

android evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32.apk

Resource

android-x86-arm-20231215-en

android-9-x86

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32.apk

Resource

android-33-x64-arm64-20231215-en

android-13-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32
- Size
  
  6.0MB
- MD5
  
  55c73980dcac75a8ee734e2c38a33e2d
- SHA1
  
  0c78f292538603dbbc37d83a3d7302e9673e80ba
- SHA256
  
  d0d5791e736cf36de862597fb7bcbf8db8caeae109880387a8f71ef9eed85b32
- SHA512
  
  8f45435ffa6328b18442e7713168e5d858f9f4154d7b4bc650dcb7a9adf3fddc329f81331d287dc758ad18f0371e9a6c80d2d8ef164821aa43e25f4358a39667
- SSDEEP
  
  98304:jHfWADs1FCd621sRl5JLOk3OHiQYM8s9e+VXBluAoL/xOEGB+mTqW3gYGHg9TRjC:jeADsDa1qHR4lq+vu7xOP52NYIsRK7lF
Score

7^/10

evasion
- Checks Android system properties for emulator presence.
- Checks Qemu related system properties.
  Checks for Android system properties related to Qemu for Emulator detection.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Legitimate hosting services abused for malware hosting/C2
- Queries the unique device ID (IMEI, MEID, IMSI)
- Reads information about phone network operator.
- Checks the presence of a debugger
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy