65cb642507bfd560d4871e3767630e3f7f7d9b6d496cd00a11863f2ac2154ede | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1eb061416ccf4405c09e8e9cb6a320e
Size

16.1MB
Sample

240311-3twa3sca74
MD5

c1eb061416ccf4405c09e8e9cb6a320e
SHA1

f14dc444e9ab744885984213d804042ef9603baf
SHA256

65cb642507bfd560d4871e3767630e3f7f7d9b6d496cd00a11863f2ac2154ede
SHA512

fa7748351aacda17e8ed8fe18d61e8097533e8b9d2a43469d4e66386a8cbb7d5051dfc99c7c5230a792ca2fa7f828b70ee0a03c77b60c5ed1351cddb4d167b36
SSDEEP

393216:mk5AUkOU1+PHAzq7CbHOwbafUUv3lFVoX4w4E9W2PU:mk+Ukd1IH+q2bHzgUuVFVo94E4z

Score

8^/10

android banker discovery evasion

Malware Config

Targets

- Target
  
  c1eb061416ccf4405c09e8e9cb6a320e
- Size
  
  16.1MB
- MD5
  
  c1eb061416ccf4405c09e8e9cb6a320e
- SHA1
  
  f14dc444e9ab744885984213d804042ef9603baf
- SHA256
  
  65cb642507bfd560d4871e3767630e3f7f7d9b6d496cd00a11863f2ac2154ede
- SHA512
  
  fa7748351aacda17e8ed8fe18d61e8097533e8b9d2a43469d4e66386a8cbb7d5051dfc99c7c5230a792ca2fa7f828b70ee0a03c77b60c5ed1351cddb4d167b36
- SSDEEP
  
  393216:mk5AUkOU1+PHAzq7CbHOwbafUUv3lFVoX4w4E9W2PU:mk+Ukd1IH+q2bHzgUuVFVo94E4z
Score

8^/10

banker discovery evasion
- Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps)
  banker discovery
- Reads information about phone network operator.
  discovery
- Listens for changes in the sensor environment (might be used to detect emulation)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Software Discovery

Security Software Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bankerdiscoveryevasion

behavioral2

bankerdiscoveryevasion