cd02331e5d879af2a8b7f8fa751e60c607f15d9d061da08e24f091b6f3d870ad | Triage

Sharing

General

Target

5ad1a621f98cf027490d939e6348f219
Size

20.0MB
Sample

240114-ksqebsgca2
MD5

5ad1a621f98cf027490d939e6348f219
SHA1

3b7bd6ed30db70a2d62ac946db4b3f88854dfe57
SHA256

cd02331e5d879af2a8b7f8fa751e60c607f15d9d061da08e24f091b6f3d870ad
SHA512

3b872a2b6190a60b857a4f7ea47a12753f996d48499d66241b5adb14917bc24b090115f0144f4c19aa27739cc5210cc24dc699aa506b1cd396a554fbd415e294
SSDEEP

393216:Ortoqwl+PJyNKZoO3nYp+GID0LE+HYbO86gMUgXwOVNXGIHfQVP2kfH6LfG7/d+F:Ortb++D/A+G80FVlYgAWoEVLfG7/d+bh

Score

8^/10

android evasion

Malware Config

Targets

- Target
  
  5ad1a621f98cf027490d939e6348f219
- Size
  
  20.0MB
- MD5
  
  5ad1a621f98cf027490d939e6348f219
- SHA1
  
  3b7bd6ed30db70a2d62ac946db4b3f88854dfe57
- SHA256
  
  cd02331e5d879af2a8b7f8fa751e60c607f15d9d061da08e24f091b6f3d870ad
- SHA512
  
  3b872a2b6190a60b857a4f7ea47a12753f996d48499d66241b5adb14917bc24b090115f0144f4c19aa27739cc5210cc24dc699aa506b1cd396a554fbd415e294
- SSDEEP
  
  393216:Ortoqwl+PJyNKZoO3nYp+GID0LE+HYbO86gMUgXwOVNXGIHfQVP2kfH6LfG7/d+F:Ortb++D/A+G80FVlYgAWoEVLfG7/d+bh
Score

8^/10

evasion
- Requests cell location
  Uses Android APIs to to get current cell location.
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Queries the unique device ID (IMEI, MEID, IMSI)
- Reads information about phone network operator.
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2
- Target
  
  bdxadsdk.jar
- Size
  
  195KB
- MD5
  
  c3b999326b7187bdd85fd971f93376d6
- SHA1
  
  978fa76710506b2aa2dc1502e2697355cc64e34e
- SHA256
  
  555e565b45d2b030652d914830ad427d15182797886316024a2f04df6ac81d5e
- SHA512
  
  240981a457a3df5ce7f51ae1e0b323efc37b349a261e21d52ef8e9256d758f5c7dd4bcd6411ca2dc247de1beec2ad1a0f7f49d2370971c8c65f95b0d6c14b31e
- SSDEEP
  
  3072:bFg/OTNG1obNXB45vAEsreszccGiXzU+wtBJPkyzy4H/mqku/DjEWKVQNCDu:u/Ow+x69ftc9XzStBJ8y5mqkYDjv3Gu
Score

1^/10
behavioral3 behavioral4 behavioral5
- Target
  
  dynamic.jar
- Size
  
  77KB
- MD5
  
  79b01642cd37e97bb4bdc559c70d2f24
- SHA1
  
  6432046a8ddac21eb158f382c3200c09e64fddf4
- SHA256
  
  30dc2977fd546fbf324bba7cc218424c2cd1aba0f70783f4a4819984125e2c90
- SHA512
  
  a9fb7274357581ac54c48c22a22db5fd7fd298e32c30f6c0a5461cb65123b13245f6206cd756f80248ee1f9b4c2a1871251dcc62214971bc66a2ad3d66e44d06
- SSDEEP
  
  1536:FOEAI7LwNe++XmZuE+vrnV6tuwtONSaKLR7jPQyBoHBICDxw6:FO0Ie+4mZunvJIVQ8aeRXNBkIiw6
Score

1^/10
behavioral6 behavioral7 behavioral8
- Target
  
  gdtadv2.jar
- Size
  
  230KB
- MD5
  
  33aeb27eefc5ae7838f01186e27d8816
- SHA1
  
  2a7ef64266577916f05cc841c9f977ca8a34568f
- SHA256
  
  c6a8f2838c910a50b56bddad227ebed00b8b32a6869a432c83964b1150ad2c59
- SHA512
  
  ebd8ccc5750aa1c2a28e849149d0ef3d1c997479008a803a931ea10c82bd99d90797a99329690cbea6cbc18d45bbe481a5576abfe3ca8afc96dbb3974a0e00c5
- SSDEEP
  
  6144:B8Obhi9RAdTKqZVGee8QXMLzKb/n4BQk+m:BbhiTAEQeVsWrn4BUm
Score

1^/10
behavioral10 behavioral11 behavioral9

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11