General
-
Target
5f830ca263271deb676bc8ba77d7ecc5cd3c0731f7e01b9050fbe6f20066c47b.apk
-
Size
20.5MB
-
Sample
240216-ty883adb9t
-
MD5
274b3854076ae54515453e34e7042793
-
SHA1
7607b232e147d8a26a1331e1be13b39e6dc6bc99
-
SHA256
5f830ca263271deb676bc8ba77d7ecc5cd3c0731f7e01b9050fbe6f20066c47b
-
SHA512
4418677aa987c3433b0d817c8fc4e0c98e5fd8f030b71ce4dd4ebf5f2a07e6d9256e2d7803aa9ea433f5d9efaa9c1e930f43b802b78d2f0132065e9d83a481ed
-
SSDEEP
393216:oBtbEsJA35z7A79L+FyZ1mbgafiubcEZjbnT9i/zVN2I+TXaFKKpPbNiRSKcssJP:E5LJA35z7c5dPmbBffcGj1i/zVN2IkK/
Behavioral task
behavioral1
Sample
5f830ca263271deb676bc8ba77d7ecc5cd3c0731f7e01b9050fbe6f20066c47b.apk
Resource
android-x86-arm-20231215-en
Behavioral task
behavioral2
Sample
5f830ca263271deb676bc8ba77d7ecc5cd3c0731f7e01b9050fbe6f20066c47b.apk
Resource
android-33-x64-arm64-20231215-en
Malware Config
Extracted
andrmonitor
https://anmon.name/mch.html
Targets
-
-
Target
5f830ca263271deb676bc8ba77d7ecc5cd3c0731f7e01b9050fbe6f20066c47b.apk
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
-
Loads dropped Dex/Jar
Runs executable file dropped to the device during analysis.
-
Acquires the wake lock
-
Queries the unique device ID (IMEI, MEID, IMSI)
-
Reads information about phone network operator.
-
Requests cell location
Uses Android APIs to get current cell information.
-
Requests disabling of battery optimizations (often used to enable hiding in the background).
-