ecb27ad6d3adfa2e4891165847c3eb2c8f2984b85cc19c3bedeb9e2ca3bac9b0 | Triage

Resubmissions

11/03/2024, 13:58

240311-raapgsge55 8

11/03/2024, 13:50

240311-q5nzxscc3z 8

Sharing

Copy URL Twitter E-mail

General

Target

c0bf91a299c295b24b170e10299360bd
Size

17.6MB
Sample

240311-raapgsge55
MD5

c0bf91a299c295b24b170e10299360bd
SHA1

acd9abccce83bcb3bb5e15875e54e97d4ead2d50
SHA256

ecb27ad6d3adfa2e4891165847c3eb2c8f2984b85cc19c3bedeb9e2ca3bac9b0
SHA512

c9abbea5ea3a5b3c6e9a65abbbcec2785c51e8c8279e48eb29d8f358d07095e9642bfd21300c24edc56be27a09790c5f929706d84162a627b7b73ad2d24ed13b
SSDEEP

393216:aNQzwyRIE0FVXDWPexih7Mwb/QXnfIanSf7aoNavZ2d+pCFcQ:a6syKjFgmIRMwb/QXfPocvZ2cdQ

Score

8^/10

android discovery evasion

Malware Config

Targets

- Target
  
  c0bf91a299c295b24b170e10299360bd
- Size
  
  17.6MB
- MD5
  
  c0bf91a299c295b24b170e10299360bd
- SHA1
  
  acd9abccce83bcb3bb5e15875e54e97d4ead2d50
- SHA256
  
  ecb27ad6d3adfa2e4891165847c3eb2c8f2984b85cc19c3bedeb9e2ca3bac9b0
- SHA512
  
  c9abbea5ea3a5b3c6e9a65abbbcec2785c51e8c8279e48eb29d8f358d07095e9642bfd21300c24edc56be27a09790c5f929706d84162a627b7b73ad2d24ed13b
- SSDEEP
  
  393216:aNQzwyRIE0FVXDWPexih7Mwb/QXnfIanSf7aoNavZ2d+pCFcQ:a6syKjFgmIRMwb/QXfPocvZ2cdQ
Score

8^/10

discovery evasion
- Reads device subscriber ID
  Uses Android APIs to read subscriber ID (IMSI on GSM devices).
  discovery
- Checks Android system properties for emulator presence.
  evasion
- Checks known Qemu files.
  Checks for known Qemu files that exist on Android virtual device images.
  evasion
- Checks known Qemu pipes.
  Checks for known pipes used by the Android emulator to communicate with the host.
  evasion
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
  evasion
- Queries the unique device ID (IMEI, MEID, IMSI)
  discovery
behavioral1

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Download New Code at Runtime

Virtualization/Sandbox Evasion

System Checks

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion