5abfd481d1cac6f65cc5660824eb7d498329c60e07ada9b76393306e83c12bf5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5abfd481d1cac6f65cc5660824eb7d498329c60e07ada9b76393306e83c12bf5
Size

15.3MB
Sample

240227-zrvd8abd37
MD5

6011430bf891ffc4fc5162c11e60777f
SHA1

6244e3d30deee5b3728118dbaeb8ab006d4fb338
SHA256

5abfd481d1cac6f65cc5660824eb7d498329c60e07ada9b76393306e83c12bf5
SHA512

eb1aecb9f6b806914797ee786c49fe82b6925f42195f7da72360bd675d5e0eab977ab94e2af470c43a3ae5f45e07674fd930b6d2e8c73d0479f891cdc55a6775
SSDEEP

196608:eqSsQUzbKszklQFExUe86ZYf9uXDJodXjF0/FYxEqulQg9Lf1u8Qc0:4sQqbXkQAdyf9uXyJS9YxEqq9ZAc0

Score

8^/10

android banker discovery evasion

Malware Config

Targets

- Target
  
  5abfd481d1cac6f65cc5660824eb7d498329c60e07ada9b76393306e83c12bf5
- Size
  
  15.3MB
- MD5
  
  6011430bf891ffc4fc5162c11e60777f
- SHA1
  
  6244e3d30deee5b3728118dbaeb8ab006d4fb338
- SHA256
  
  5abfd481d1cac6f65cc5660824eb7d498329c60e07ada9b76393306e83c12bf5
- SHA512
  
  eb1aecb9f6b806914797ee786c49fe82b6925f42195f7da72360bd675d5e0eab977ab94e2af470c43a3ae5f45e07674fd930b6d2e8c73d0479f891cdc55a6775
- SSDEEP
  
  196608:eqSsQUzbKszklQFExUe86ZYf9uXDJodXjF0/FYxEqulQg9Lf1u8Qc0:4sQqbXkQAdyf9uXyJS9YxEqq9ZAc0
Score

8^/10

banker discovery evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Checks Android system properties for emulator presence.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryevasion